WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2011 >> [2011] EPICAlert 3

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 18.03 [2011] EPICAlert 3

EPIC Alert 18.03

                            E P I C   A l e r t
Volume 18.03                                         February 15, 2011

                           Published by the
               Electronic Privacy Information Center (EPIC)
   Washington, D.C.


                    "Defend Privacy. Support EPIC."

                  Report All Screening Experiences at
                   EPIC Body Scanner Incident Report

Table of Contents
[1] Senate Seeks to Curtail Current TSA Screening Procedures
[2] Congress Unfriends Facebook
[3] Chairman Issa Investigates "Political
Review" Policy at DHS
[4] EPIC Opposes Secret Evidence in Body Scanner Lawsuit
[5] NJ Supreme Court: Expungement Statute Does Not
Cover Private Facts
[6] News In Brief
[7] EPIC Book Review: "State Power and Democracy"
[8] Upcoming Conferences and Events

ACTION: Stop Airport Strip Searches!
- JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends

[1] Senate Seeks to Curtail Current TSA Screening Procedures

Senator Tom Udall of New Mexico has introduced Senate Amendment
which would require the Transportation Security Administration (TSA) to
curtail current body scanner procedures by January 1,
2012. The TSA will
be required to install software that will block the images of
passengers' naked bodies that TSA officials currently

Senator Udall cited "the privacy of airline passengers" and "significant
privacy concerns" in a letter to constituents explaining
the legislative
measure. The Senator explained that the Amendment would mean "a separate
TSA officer will no longer be required to
view the image in a
remotely-located viewing room." Udall also emphasized that the full
pat-down option the TSA rolled out in November
of 2010 failed to provide
an effective alternative for passengers mindful of risks to their

On February 2, 2011, EPIC filed
a new Freedom of Information Act (FOIA)
lawsuit against the TSA seeking compliance with its request for
documents relating to the new procedures. EPIC's FOIA Project
responsible for the initial revelations that TSA's body scanner devices
were designed to capture, store, and transfer the naked
images they

In a separate suit in the D.C. Circuit Court of Appeals, EPIC has
requested a full suspension of the body scanner
program, as it is
invasive, unlawful, and ineffective. Oral argument for EPIC's suit is
scheduled for March 10, 2011.

51 (Sen. Tom Udall)

Sen. Tom Udall's Constituent Letter

EPIC: EPIC v. DHS (Suspension of Body Scanners)

EPIC: Automated Target Recognition FOIA Complaint

EPIC: Whole Body Imaging Technology

[2] Congress Unfriends Facebook

A February 2011 letter from Rep. Ed Markey (D-MA) and Rep. Joe Barton
(R-TX) to Mark Zuckerberg questions Facebook's plans to make
addresses and mobile phone numbers available to websites and application
developers. After heavy criticism, Facebook has suspended
the policy,
but said it would go forward once it had made further changes. EPIC
Executive Director Marc Rotenberg said that, "Facebook
is trying to blur
the line between public and private information. And the request for
permission does not make clear to the user
why the information is needed
or how it will be used."

Congressmen Markey and Barton have previously written to Facebook,
to news that the social media giant's business partners
transmitted personal user data to advertising and Internet tracking
in direct violation of Facebook's policies. EPIC, joined by
many consumer and privacy organizations, has two complaints pending at
the Federal Trade Commission charging that Facebook's earlier changes to
users' privacy settings constitute unfair and deceptive
trade practices.
The Commission has failed to act on either of these complaints.

However, Facebook also has made a positive move
to protect users'
privacy, announcing that they would be switching to full session
encryption, through HTTPS. Though the change is
not yet the default
setting, users will be able to opt into HTTPS through their "Account
Settings." The switch to an encrypted network
will promote both privacy
and security, particularly when users access Facebook from public
Internet access points. Previously, Facebook
only used HTTPS when users'
passwords were being sent to the site. Third party applications
currently do not support HTTPS.

has previously recommended the adoption of strong privacy
techniques for cloud-based services. In 2009, EPIC filed a complaint
the Federal Trade Commission, urging an investigation into Google's
cloud computing services to determine the adequacy of privacy
security safeguards, but the Commission did not act on this complaint
either. Google subsequently established HTTPS by default
for Gmail.

Reps. Markey and Barton: Letter to Facebook (February 2, 2011)

Facebook: Addresses and Mobile Phone Numbers

Reps. Markey and Barton: Letter to Facebook (October 18. 2010)

Facebook: HTTPS

EPIC: FTC Cloud Computing Complaint (March 17, 2009)

EPIC: Facebook

EPIC: In Re Facebook

EPIC: In Re Facebook II

EPIC: Cloud Computing

[3] Chairman Issa Investigates "Political Review" Policy
at DHS

Rep. Darrell E. Issa (R-CA), chair of the House Committee
on Oversight
and Government Reform, issued a letter to Secretary Janet Napolitano
demanding that the Department of Homeland Security
(DHS) release all
documents regarding its policy of vetting Freedom of Information Act
(FOIA) requests through political appointees. "The public has a right to
know what its government is doing," Rep. Issa stated. Issa
documents released to the Office of the Inspector General, the
Associated Press, and other congressional offices; e-mail between
personnel and the White House; and Responsive e-mails to or from front
office personnel regarding FOIA.

Rep. Issa, citing President
Obama's open government and transparency
memorandum, questioned the agency's adherence to those principles. After
a September briefing
by Chief Privacy Officer Mary Ellen Callahan
concerning DHS's directive that required certain FOIA requests to be
vetted by political
appointees, Callahan claimed to Issa that this was
not, in fact, the policy. Based on these assertions, Rep. Issa decided
to delay
the committee's inquiry. However, when further evidence was
brought to his attention in January 2011 that DHS did have a policy of
vetting requests, Rep. Issa concluded that that the evidence "raise[d]
questions about the Department's commitment to the President's
effort to
create 'an unprecedented level of openness in Government.'"

Rep. Issa also requested that a number of DHS Front Office
including Chief Privacy Officer Mary Ellen Callahan, Chief FOIA Officer
Catherine Papoi, and Chief of Staff to the Secretary
Noah Kroloff, be
made available to the committee for transcribed interviews about DHS's
FOIA policy and procedures.

After reviewing
documents released by DHS indicating the policy resulted
in the improper delay of FOIA requests, EPIC filed a letter recommending
that the FOIA Ombudsman conduct an investigation of DHS FOIA policies
and practices.  The DHS policy is contrary to federal law and
Court holdings, as the FOIA does not permit agencies to select requests
for political scrutiny.

Letter from Rep. Darrell
E. Issa (R-CA) to Secretary Janet Napolitano

President Barack Obama: Memorandum on Transparency and Open Government

EPIC: letter to Director Miriam Nisbet, OGIS

Office of Government Information Services

DHS: FOIA Policy
Freedom of Information Act

EPIC: Open Government
EPIC: Federal Open Government Laws 2010

[4] EPIC Opposes Secret Evidence in Body Scanner Lawsuit

In EPIC’s case against the Department of Homeland
Security and the
Transportation Security Agency to suspend the use of body scanners in
airports across the country, the government
has asked the court for
permission to file secret evidence. Local procedural rules in the
District of Columbia Circuit state that
information may only be entered
under seal where the information was under seal during the agency's
decision making process, and
still "need[s] to remain under seal on
appeal." In opposition to the request, EPIC argued that these rules
presume that both parties
will have access to sealed materials.

The agency used the term "Sensitive Security Information" to
characterize unclassified evidence
it nonetheless wishes to hide from
public scrutiny. The law granting the agency authority to issue
"Sensitive Security Information"
directives identifies four potential
legal justifications for doing so, none of which the agency cited in its
motion. The agency
failed to give EPIC any opportunity to challenge
individual directives before filing its request.

In addition, the government offered
a novel justification for filing
scientific research under seal, claiming that certain studies were
protected under copyright. An
appeals court has previously held that
federal copyright laws do not protect intellectual property once it is
adopted as part of
the law. In this case, it is apparent that Congress
did not intend the Copyright Act to give scientific researchers the
right to
prevent full access to the legal justifications for TSA
regulations. The agency offered no legal justification for leveraging
laws to prevent EPIC from scrutinizing its legal claims.

EPIC filed its opposition to the motion on February 10, 2011, requesting
that the Court deny the agency's motion, or in the alternative, provide
sealed copies of the materials which are available to both
parties. Oral
argument for the case is scheduled for March 10, 2011.

DHS Motion to File Secret Evidence

EPIC Opposition to Motion

EPIC: EPIC v. DHS (Suspension of Body Scanners)

EPIC: Whole Body Imaging Technology

[5] NJ Supreme Court: Expungement Statute Does Not Cover
Private Facts

The New Jersey Supreme Court heard oral arguments
on September 14, 2010
in the case of G.D. v. Kenny. The plaintiff in the case, G.D., was an
aide to Brian Stack. In 2007, Stack decided
to run for the New Jersey
Senate. However, the Hudson Country Democratic Organization ("HCDO")
supported Stack's opponent in the
primary election.

After obtaining records of G.D.’s criminal history, HCDO created and
distributed 17,000 flyers alleging
that G.D. was a "DRUG DEALER who went
to JAIL for FIVE YEARS for selling coke near a public school." The flyer
also displayed G.D.'s
photo. Unknown to the advertising firm, an order
of expungement was entered in June 2006 for G.D.'s conviction. The
Department of
Corrections continued to list information about G.D.'s
conviction and sentence as late as August 2008 despite the expungement

In a claim against HCDO for defamation, the appellate court found that
because the information on the flyers was true, it could
not support a
defamation claim, and dismissed it. On appeal, the Supreme Court of New
Jersey held that defendants are entitled to
assert truth as a defense,
even when the relevant facts are subject to an expungement order under a
state statute. The decision is
a setback to the notion of “The Right to
be Forgotten.”

EPIC had filed an “friend of the court” brief in
the case, highlighting
the increasing risk that private firms will make available inaccurate,
incomplete, and outdated information
if expungement orders are not
enforced. Furthermore, EPIC argued that expungement is a judicial
determination that should be respected.
The omission of expungement
judgments from court records introduces errors into databases sold by
states as well as commercial databases
sold by data mining companies.
These errors can lead to a range of consequences - from inconvenience to
the loss of civil liberties.

EPIC: G.D. v. Kenny

EPIC: Expungement

Press Release: “The Right to be Forgotten”

Superior Court of N.J. Appellate Division: G.D. v. Kenny

NJ Supreme Court: G.D. v. Kenny
[6] News In Brief

NIST Seeks Comments on Guidelines for Cloud Computing

The National Institute for Standards and Technology (NIST) has announced
that it is accepting comments on two draft documents on cloud computing:
the NIST Definition of Cloud Computing and the Guidelines
on Security
and Privacy in Public Cloud Computing. The documents were prepared after
the Federal Chief Information Officer asked
NIST to develop standards
and guidelines to assist the federal government’s secure adoption of
cloud computing. EPIC has warned
of the ongoing privacy risks associated
with cloud computing since its expansion into the public sphere in 2008.
In 2009, EPIC filed
a complaint with the Federal Trade Commission,
urging an investigation into Google’s cloud computing services to
the adequacy of privacy and security safeguards.  Comments on
both NIST documents are due no later than February 28, 2011. 

Institute for Standards and Technology

NIST: Press Release on Cloud Computing

NIST: Definition of Cloud Computing

NIST: Guidelines on Security and Privacy in Public Cloud Computing

EPIC: FTC Cloud Computing Complaint (March 17, 2009)
EPIC: Cloud Computing

EPIC: In re Google and Cloud Computing

EPIC Joins Campaign to Promote Transparency in Europe

EPIC has supported a global initiative led by Access Info, an
human rights organization, to urge the Committee of Civil
Liberties, Justice, and Home Affairs (LIBE) of the European Parliament
to safeguard government transparency. Currently, the Committee is
considering a proposal to limit open government by hindering access
certain documents. On January 28, 2011, a letter was sent on behalf of
Access Info and its supporters to the European Parliament,
calling for
the alignment of regulations with the pro-transparency decisions of the
Court of Justice of the European Union. EPIC
has joined 180
organizations, journalists, and activists in its support for Access
Info’s campaign. Over 90 countries worldwide
have adopted laws,
constitutional amendments or regulations protecting the right to freedom
of information.

Access Info: Transparency
in the European Union

European Union: LIBE Committee

EPIC: Open Government

EPIC: Privacy & Human Rights

FBI Handwritten Changes on NSLs to Expand Surveillance, Evade Oversight

EPIC used the Freedom of Information Act (FOIA) to obtain internal
reports that FBI Field Offices made unauthorized changes to National
Security Letters, absent any internal
legal review. The Attorney
General's National Security Letter Guidelines explicitly require field
offices to clear all National Security
Letter requests through the
National Security Law Branch of the FBI or the Chief Division Counsel.
The changes violated this safeguard
and frustrated oversight. National
Security Letters (NSLs) are already an extraordinary search procedure,
which give the FBI the
power to compel the disclosure of customer
records held by banks, telephone companies, Internet Service Providers,
and others. These
entities are prohibited, or "gagged," from telling
anyone about their receipt of the NSL, which makes oversight difficult. 
The incident
revealed by EPIC is yet another instance of the FBI's NSL
practices failing to abide by constitutional protections and the rule of

FOIA Request (July 2, 2009)

EPIC FOIA Note #17 (February 7, 2011)

EPIC: Intelligence Oversight Board: FOIA Documents on Legal Violations

Report of Unauthorized Change to FBI National Security Letter

[7] EPIC Book Review: "State Power and Democracy"

"State Power and Democracy: Before and During the Presidency
of George
W. Bush," Andrew Kolin

In "State Power and Democracy," Andrew Kolin argues that the United
States government has consistently expanded its efforts, domestically
and abroad, to create a state of “surveillance and control.” To support
his arguments regarding the expansion of the
“police state,” Kolin
follows the history of United States government responses to progressive
political movements over
the last two centuries.

Kolin spends several chapters developing an argument that, even before
9/11, the United States government
was laying foundations for extensive
surveillance and participating in officially-sanctioned violence. To
support his claims, Kolin
details the history of the labor movement,
including the response to workers' rights movements over the last
hundred years. He also
follows the history of U.S. involvement in
toppling communist and socialist-leaning regimes around the world.

Kolin openly attacks
the CIA, claiming that it "demonstrates a
determination to develop torture into an exact science." He tracks the
agency's involvement
in torture training at the School of the Americas
(later renamed "Western Hemisphere Institute for Security Cooperation"),
boast such infamous alumni as Robert Viola, Manual Noriega, Juan
Valasco, and Guillermo Rodriguez, members of the Grupo Colina death
squad, officers in the notorious Battalion 3-16, and Augusto Pinochet's
secret police.

Kolin avoids the tendency to ascribe civil
liberties violations to one
political party. Instead, he argues that both Republican and Democratic
administrations have participated
in oppressive activities over the
course of the last two centuries. In particular, Kolin describes the
ways in which the Clinton
Administration's policy initiatives laid the
groundwork for the civil liberties violations that would become routine
under George
W. Bush’s Administration.

"State Power and Democracy" includes references to many important civil
liberties issues of the
present day, including the PATRIOT Act,
Guantanamo Bay, the torture memos, and the broad surveillance of

Kolin ends the
book on a reformative note, by detailing potential
reforms, and stating "it is with the possible combination of a
dysfunctional police
state with a hint of reformism and the rising
expectations of mass movements that America will finally rid itself of
its police state."

-- Ginger McCall

EPIC Publications:

"Litigation Under the Federal Open Government Laws 2010,"
edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark
S. Zaid (EPIC 2010). Price: $75

Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
This updated version includes new material regarding President Obama's
2009 memo on Open Government, Attorney General Holder's
March 2009 memo
on FOIA Guidance, and the new executive order on declassification. The
standard reference work includes in-depth
analysis of litigation under:
the Freedom of Information Act, the Privacy Act, the Federal Advisory
Committee Act, and the Government in the Sunshine Act. The fully updated
2010 volume is the
25th edition of the manual that lawyers, journalists
and researchers have relied on for more than 25 years.


"Information Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005).
Price: $98.

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive
for an exciting course in this rapidly evolving area of law.


"Privacy & Human Rights
2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy
in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating
to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.


"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more
involved in the
WSIS process.


"The Privacy Law Sourcebook 2004: United States Law, International
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource
for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world.
It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD
Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the
Video Voyeurism Prevention Act,
and the CAN-SPAM Act.


"Filters and Freedom 2.0: Free Speech Perspectives
on Internet Content
Controls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.


EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore


EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained
from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:

[8] Upcoming Conferences and Events

"Secondary and Intermediary Liability on the Internet." Stanford
Technology Law Review, Stanford Law School, 3 March 2011. For More

"Privacy and the Supreme Court." Columbia Law School, New York, New
York, 4 March 2011.

"The Web: Wiring Our World." UNIS-UN,
New York, 4 March 2011. For More

"The Tenth Workshop on Economics of Information Security." The George
Mason University, 14-15 June 2011. For More Information:

"Computers, Freedom, and Privacy 2011." Georgetown Law Center,
Washington D.C., 14-16 June 2011. For More Information:

Join EPIC on Facebook

Join the Electronic Privacy Information Center on Facebook

Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
Support EPIC.

Privacy Policy

The EPIC Alert mailing list is used only
to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend
to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases)
our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list,
please follow the above instructions under "subscription

About EPIC

The Electronic Privacy Information Center is
a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues
such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale
of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

Donate to EPIC

If you'd like to support the work of the
Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and
sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation
of encryption and
expanding wiretapping powers.

Thank you for your support.

Subscription Information

Subscribe/unsubscribe via web interface:

Back issues are available at:

The EPIC Alert displays best in a fixed-width font, such as Courier.

------------------------- END EPIC Alert 18.03 ------------------------

WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback