EPIC Alert 21.19
======================================================================= E P I C A l e r t ======================================================================= Volume 21.19 October 17, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, DC http://www.epic.org/alert/epic_alert_21.19.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] EPIC v. CIA: EPIC Seeks Details of CIA Surveillance of Congress [2] At OECD Global Forum, EPIC Urges 'Algorithmic Transparency' [3] California Enacts Comprehensive Student Privacy Law [4] Supreme Court Issues Stay Preventing Implementation of Voter ID Law [5] Japanese Court Upholds 'Right to Be Forgotten' [6] News in Brief [7] EPIC in the News [8] EPIC Bookstore [9] Upcoming Conferences and Events TAKE ACTION: Defend Student Privacy - Opt Out of Marketing! REQUEST Your Child's School's Privacy Policies: www.opt-out-now.info LEARN about Student Privacy: http://epic.org/privacy/student/ SUPPORT EPIC: https://epic.org/support/ ========================================================================= [1] EPIC v. CIA: EPIC Seeks Details of CIA Surveillance of Congress ========================================================================= EPIC has filed a Freedom of Information Act lawsuit against the Central Intelligence Agency, seeking the CIA Inspector General's report on the agency's surveillance of the Senate Select Committee on Intelligence. The EPIC lawsuit follows from reports that the CIA infiltrated a computer network used by Senate staff to investigate the agency's post-9/11 detention and interrogation program. In March 2014, Senator Dianne Feinstein (D-CA), head of the Senate Intelligence Committee, publicly accused the CIA of secretly removing documents from the Committee, searching computers used by the Committee, and attempting to intimidate congressional investigators by requesting an FBI inquiry of their conduct. Senator Feinstein stated that the CIA's conduct "may well have violated the separation of powers principles embodied in the United States Constitution." The CIA subsequently confirmed that the agency's Inspector General had conducted an investigation and concluded the agency had "improperly" accessed Senate computers. However, the Inspector General has failed to release the report to the public. EPIC sent a FOIA request to the CIA for the Inspector General's report, stating, "The report from the Inspector General will provide more detail about the actual scope of the agency's activity and will be useful in assessing the effectiveness of oversight." EPIC received no response and has sued for public release of the report. In 2011, EPIC filed a Freedom of Information Act lawsuit to obtain a CIA Inspector General's Report prepared in response to an investigation by the Associated Press that revealed that the NYPD and the CIA had collaborated on a program of domestic surveillance targeting Muslims and persons of Arab descent. EPIC obtained the Inspector General's Report as a result of the lawsuit. The report contradicted the CIA's original claim that there was "no evidence that any part of the agency's support to the NYPD constituted 'domestic spying.'" EPIC: Complaint to CIA re: FOIA Request (Oct. 2, 2014) http://epic.org/foia/cia/EPIC-v-CIA-Complaint.pdf Sen. D. Feinstein (D-CA): Statement on CIA IG Report (Jul. 31, 2014) http://epic.org/redirect/101714-feinstein-cia-response.html EPIC: EPIC v. CIA (CIA Spying on Congress) http://epic.org/foia/cia/domesticsurveillance.html EPIC: CIA IG Report re: CIA-NYPD Relationship (Dec. 27, 2011) http://epic.org/foia/cia/CIA-IG-NYPD-Rprt.pdf EPIC: EPIC v. CIA (Domestic Surveillance) http://epic.org/foia/cia/domesticsurveillance.html ======================================================================== [2] At OECD Global Forum, EPIC Urges 'Algorithmic Transparency' ======================================================================== Speaking to delegates at the October 2 OECD Global Forum for the Knowledge Economy in Tokyo, EPIC President Marc Rotenberg urged OECD member countries to endorse "algorithmic transparency," the principle that data processes impacting individuals be made public. In a panel on "Building trust in the data-driven economy," Mr. Rotenberg explained that companies are too secretive about what they collect and how they use personal data. Mr. Rotenberg was joined on the panel by representatives from Microsoft, the UK Data Protection Commissioner's office, and the US Federal Trade Commission. Mr. Rotenberg also spoke about the growing risk of identity theft, citing the recent data breaches at Target, Home Depot, and JP Morgan, and urged OECD countries to update privacy laws and strengthen technical standards for Internet security. Earlier in 2014, EPIC submitted extensive comments on the White House's review of "Big Data and the Future of Privacy." The report makes several recommendations to the President, including advancing the Consumer Privacy Bill of Rights, passing national data breach legislation, and instituting Privacy Enhancing Technologies. In response to the report, EPIC called for the swift enactment of the Consumer Privacy Bill of Rights and the end of opaque algorithmic profiling. EPIC warned the White House about the enormous risk to Americans of current "big data" practices but also made clear that problems are not new, citing the Privacy Act of 1974, which was created in response to the challenges of "data banks." EPIC wrote, "It is vitally important to update current privacy laws to minimize collection, secure the information that is collected, and prevent abuses of predictive analytics." EPIC and more than 20 organizations previously urged the White House to establish privacy protections for user data gathered by large companies and government agencies. OECD: Global Forum for the Knowledge Economy (Oct 2-3, 2014) http://www.oecd.org/sti/global-forum-knowledge-economy-2014.htm The White House: "Big Data and the Future of Privacy" (May 1, 2014) http://epic.org/redirect/051614-wh-big-data.html EPIC: Comments on OSTP Privacy Report (Apr. 4, 2014) http://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf EPIC: Big Data and the Future of Privacy http://epic.org/privacy/big-data/ The Public Voice http://thepublicvoice.org/ Civil Society Information Society Advisory Counsel http://csisac.org/ ========================================================================= [3] California Enacts Comprehensive Student Privacy Law ========================================================================= The State of California has passed the "Student Online Personal Information Protection Act (SOPIPA)," a comprehensive student privacy law. Among other provisions, the new law: (1) prohibits K-12 mobile and online service operators from using student information to target advertisements to students; (2) prohibits online service providers from creating K-12 student profiles for commercial purposes; (3) forbids companies from selling student information; (4) requires K-12 mobile and online service operators to establish security measures and to delete student information at the request of a school or district. The state has also passed a similar law requiring schools that outsource student records to include privacy in contracts, and a law governing school social media monitoring programs. The Student Online Personal Information Protection Act incorporates many proposals EPIC outlined in the 2014 Student Privacy Bill of Rights, an enforceable student privacy and data security framework that aligns with the White House's 2012 Consumer Privacy Bill of Rights, and, like it, is based on the well-established Fair Information Practices (FIPs). The Student Privacy Bill of Rights urges schools, districts, and EdTech and other cloud-based service providers to adhere to a number of practices when collecting student data, and that those rights should transfer from parents or legal guardians to students once the student is 18 or attending college. Under EPIC's Student Privacy Bill of Rights, students would have the rights to certain key principles shared with the FIPs. These would include the rights to: (1) Access and Amendment ("access and amend their erroneous, misleading, or otherwise inappropriate records, regardless of who collects or maintains the information"); (2) Focused Collection ("reasonably limit student data that companies and schools collect and retain"); (3) Respect for Context, Security, Transparency, and Accountability ("expect that companies and schools will collect, use, and disclose student information solely in ways that are compatible with the context in which students provide data"); (4) Security ("secure and responsible data practices"); (5) Transparency ("clear and accessible information privacy and security practices"); (6) Accountability ("hold schools and private companies handling student data accountable for adhering to the Student Privacy Bill of Rights"). Additionally, "Schools and companies should be accountable to enforcement authorities and students for violating these practices." State of CA: SOPIPA (Sep. 29, 2014) http://epic.org/redirect/101714-ca-sopipa.html State of CA: Assembly Bill No. 1584 (3rd-Party Records) (Sep. 29, 2014) http://epic.org/redirect/101714-ca-bill-1584.html State of CA: Assembly Bill No. 1442 (Social Media) (Sep. 29, 2014) http://epic.org/redirect/101714-ca-bill-1442.html EPIC: Student Privacy Bill of Rights http://epic.org/privacy/student/bill-of-rights.html EPIC: Student Privacy http://epic.org/privacy/student/ EPIC: EPIC v. Dep't of Ed. http://epic.org/apa/ferpa/ EPIC: White House Consumer Privacy Bill of Rights (Feb. 2012) http://epic.org/privacy/white_house_consumer_privacy_.html ======================================================================== [4] Supreme Court Issues Stay Preventing Implementation of Voter ID Law ========================================================================= The US Supreme Court has issued a stay of an appeals ruling preventing Wisconsin election officials from requiring voters to present photo ID before voting in the November 2014 elections. The Wisconsin law, initially enacted in 2011 but blocked by various courts, would have required Wisconsin voters to present identification before they could vote. The law also required absentee voters to submit identification with their ballots, but forms previously sent to voters did not include that requirement, and Wisconsin officials have stated they would not count ballots returned without copies of valid ID. In a similar case in Texas, the presiding judge wrote that the state's voter ID law "creates an unconstitutional burden on the right to vote, has an impermissible discriminatory effect against Hispanics and African-Americans, and was imposed with an unconstitutional discriminatory purpose." A panel of the US of Appeals for the Fifth Circuit temporarily blocked that decision, however, allowing the requirement to be enforced for the 2014 elections. In 2007 EPIC raised similar arguments in a "friend of the court" brief submitted to the US Supreme Court in Crawford v. Marion County. EPIC said of the Indiana ID law in question, "Not only has the state failed to establish the need for the voter identification law or to address the disparate impact of the law, the state's voter ID system is imperfect, and relies on a flawed federal identification system." In a March 2007 statement to the US House Judiciary Committee, EPIC cautioned against new photo identification and proof of citizenship requirements for federal elections. Absent evidence of an actual problem, EPIC warned that the requirements could discourage legal voters. US Supreme Court: Order in Frank v. Walker (Oct. 9, 2014) http://www.supremecourt.gov/opinions/14pdf/14a352_i42k.pdf US S. District Court of TX: Opinion in Veasey v. Perry (Oct. 9, 2014) http://epic.org/redirect/101714-veasey-v-perry.html EPIC: Crawford v. Marion County Election Board https://epic.org/privacy/voting/crawford/ EPIC: Voter Photo ID and Privacy https://epic.org/privacy/voting/photo-identification.html EPIC: Voting Privacy https://epic.org/privacy/voting/ ========================================================================= [5] Japanese Court Upholds 'Right to Be Forgotten' ========================================================================= A Japanese court has ordered Google to delete search results of a person's past in a decision similar to the European Union's recent "right to be forgotten" ruling. In the case in question, Google search results contained links to news articles that tied the plaintiff to alleged criminal activity. The plaintiff claimed that these search results violated his privacy rights and led to threats on his life. Judge Nobuyuki Seki of the Tokyo District Court said that links to the news articles, which were more than 10 years old, "infringe personal rights" and had caused the plaintiff "actual harm." The plaintiff based his request for injunction on Japanese law, but also cited the "right to be forgotten." In May 2014, the Court of Justice of the European Union ruled that European citizens have a right to remove negative personal information from search engines. According to the court, this "right to be forgotten" stems from rights set forth in the EU's 1995 Data Protection Directive and the Charter of Fundamental Rights of the European Union. The European court held that the right to be forgotten "override[s], as a rule, not only the economic interest of the operator of a search engine but also the interest of the general public in finding that information upon a search relating to the data subject's name." Moreover, this right does not require the individual requester to prove that the search results cause "prejudice." EPIC strongly supports full implementation of the EU Data Protection Directive as well as other efforts to safeguard the fundamental rights of citizens, consumers, and Internet users. Appearing before the European Parliament in October 2010, EPIC President Marc Rotenberg urged the adoption of a comprehensive framework to protect the flow of personal data between the United States and the European Union. In 2011, EPIC submitted a "friend of the court" brief in the US case GD v. Kenny. EPIC urged the New Jersey Supreme Court to preserve the value of expungement and further argued that data broker firms will make available inaccurate and incomplete information if expungement orders are not enforced by the state. The Japan Times: Article on Court Ruling (Oct. 10, 2014) http://www.japantimes.co.jp/news/2014/10/10/national/crime-legal/ tokyo-court-orders-google-remove-search-results-man/#.VDzqlecRG2w EPIC: EU Court's Google Decision (Right to Be Forgotten) http://epic.org/privacy/google/eu/ EPIC: EU Data Protection Directive http://epic.org/privacy/intl/eu_data_protection_directive.html EPIC: Expungement http://epic.org/privacy/expungement/ EPIC: GD v. Kenny https://www.epic.org/amicus/gd_v_kenny.html ======================================================================== [6] News in Brief ======================================================================== EPIC Obtains New Documents on Lack of Student Privacy Enforcement EPIC has obtained new documents from the US Department of Education detailing parent and student complaints about the misuse of education records. The Department released the documents in response to an EPIC Freedom of Information Act request. EPIC expects to receive more documents about the agency's enforcement of the Family Educational Rights and Privacy Act. Other documents uncovered by EPIC reveal that schools and districts have disclosed students' personal records without consent, possibly in violation of the federal student privacy law. The documents also show that the Department failed to investigate many FERPA complaints. EPIC: FOIA Docs on Student Privacy from US Ed. Dept. (Oct. 3, 2014) http://epic.org/foia/ed/ferpa/FPCO-Interim-Release-Oct-3-2014.pdf EPIC: FOIA Request to US Ed. Dept. on Student Privacy (Apr. 15, 2014) http://epic.org/foia/ed/ferpa/FOIA-Request.pdf EPIC: Department of Education's FERPA Enforcement http://epic.org/foia/ed/ferpa/default.html EPIC: Student Privacy http://epic.org/privacy/student/ EPIC: Open Government http://epic.org/open_gov/ NSA Releases '12333' Report, Fails to Address Bulk Collection The NSA has released a privacy report on the agency's surveillance activities under 12333, an Executive Order that provides broad authority for data collection. The report, however, only addresses a narrow aspect of the EO 12333 collection - protections for US persons in the context of targeted signal intelligence activities - while failing to address bulk collection or privacy protections for non-US persons. A previously disclosed 2012 internal audit revealed that the NSA violated both legal rules and privacy restrictions thousands of times each year since 2008. Another document from 2007 shows how NSA analysts are trained to avoid giving "extraneous information" to their "[FISA Amendment Act] overseers" when they want to target an individual. The NSA privacy report did not address these previous violations. Earlier in 2014, EPIC urged the Privacy and Civil Liberties Oversight Board to review the surveillance activities conducted under EO 12333. EPIC is also pursuing several FOIA matters to learn more about the use of 12333 authority. NSA: Privacy Report for EO 12333 (Oct. 7, 2014) http://epic.org/redirect/nsa-12333-report.html NSA: Internal Audit on SID Oversight and Compliance (May 3, 2012) http://s3.documentcloud.org/documents/758651/1qcy12-violations.pdf NSA: Document on 'Targeting Rationale' (Jan. 8, 2007) http://epic.org/redirect/101714-nsa-targeting-rationale.html EPIC: Statement to PCLOB on EO 12333 (Jul. 23, 2014) http://epic.org/redirect/073014/epic-scott-statement.html EPIC: Executive Order 12333 http://epic.org/privacy/surveillance/12333/ Department of Homeland Security Releases 2014 Privacy Report The Department of Homeland Security has released the agency's 2014 Privacy Office Annual Report to Congress. The report describes a joint review conducted with the European Commission regarding the transfer of EU Passenger Name Records to the US. The European Commission found that redress mechanisms were lacking for passengers denied boarding, and that DHS often would review passenger records without legal justification. The Annual Report describes the sixth Compliance Review of the department's social media monitoring program, which found that the DHS began collecting Internet users' GPS and geolocation data without assessing or mitigating the privacy risks. In 2012, EPIC obtained FOIA documents revealing that the Department of Homeland Security monitored social media for political dissent. DHS: 2014 Privacy Report to Congress (Sep. 30, 2014) http://epic.org/redirect/101714-dhs-2014-report.html European Commission: Report on EU/DHS Agreement (Nov. 27, 2013) http://epic.org/redirect/101714-eu-dhs-agreement.html DHS: Privacy Compliance Review (Apr. 16, 2014) http://epic.org/redirect/101714-dhs-compliance-review.html EPIC: FOIA Docs on DHS Media Monitoring (Dec. 2012) http://epic.org/redirect/101714-epic-media-foia.html EPIC: EU-US Airline Passenger Data Disclosure http://epic.org/privacy/intl/passenger_data.html EPIC: EPIC v. DHS - media monitoring http://epic.org/foia/epic-v-dhs-media-monitoring/ Facebook Responds to EPIC Complaint on 'Emotions Study' Facebook has announced revised guidelines on how the company discloses user data to researchers. In 2012, Facebook subjected 700,000 users to an "emotions study" by manipulating their News Feeds. Facebook did not obtain users' permission to conduct this study or notify users that their data would be disclosed to researchers. In response, EPIC filed a formal complaint to the Federal Trade Commission. "The company purposefully messed with people's minds," states the EPIC complaint. EPIC has also asked the FTC to require that Facebook make public the News Feed algorithm. As a result of complaints brought by EPIC and a coalition of consumer privacy organizations in 2009 and 2010, Facebook is currently under a 20 year consent decree from the FTC that requires it to protect user privacy, The new guidelines have improved Facebook's research process, but continue to raise questions about human subject testing by advertising companies. Facebook: Blog Post on Research Guidelines (Oct. 2, 2014) http://newsroom.fb.com/news/2014/10/research-at-facebook/ EPIC: Complaint to FTC re: Facebook Study (Jul. 3, 2014) http://epic.org/redirect/071614-epic-fb-complaint.html EPIC: Complaint I in In re: Facebook (Dec. 17, 2009) http://epic.org/privacy/inrefacebook/EPIC-FacebookComplaint.pdf EPIC: Complaint II in In re: Facebook (May 5, 2010) http://epic.org/privacy/facebook/EPIC_FTC_FB_Complaint.pdf FTC: Consent Order Against Facebook (Nov. 29, 2011) http://ftc.gov/os/caselist/0923184/111129facebookagree.pdf EPIC: In re: Facebook (Psychological Study) http://epic.org/privacy/internet/ftc/facebook/psycho/ EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ Italy Launches Internet Bill of Rights The Italian Parliament has proposed a Declaration of Internet Rights. The Declaration addresses a wide range of issues including Internet Access, Protection of Personal Data, Anonymity, the Right to Be Forgotten, and Internet Governance. Italy, currently chair of the European Council, played a leading role in European Union policy in 2014 and has made progress on data protection as a top priority. EPIC spoke earlier this year to the Italian Parliament about the need for a strong framework to protect the rights of Internet users. Italian Parliament: Draft Declaration of Internet Rights (Oct. 2014) http://epic.org/redirect/101714-it-internet-rights.html Council of the European Union http://epic.org/redirect/101714-council-of-europe.html EU: Program for Italian Presidency of EU 2014 (Jul. 1, 2014) http://italia2014.eu/media/1349/programma_en1_def.pdf CSISAC: Civil Society Seoul Declaration (June 2008) http://csisac.org/seoul.php The Public Voice: Madrid Privacy Declaration (Nov. 2009) http://thepublicvoice.org/madrid-declaration/ Data Protection Commissioners Urge Limits on "Big Data" The International Data Protection Commissioners have adopted a resolution on Big Data. The resolution endorses several privacy safeguards, including purpose specification, data minimization, individual data access, anonymization, and meaningful consent when personal data is used for big data analysis. The data protection commissioners also passed a resolution supporting the UN High Commissioner's report on Privacy in the Digital Age and the Mauritius Declaration on the Internet of Things. Earlier in 2014, EPIC, joined by 24 organizations, petitioned the White House to accept public comments on its review of Big Data and the Future of Privacy. EPIC also submitted extensive comments detailing the privacy risks of big data and calling for the swift enactment of the Consumer Privacy Bill of Rights and the end of opaque algorithmic profiling. 36th Annual Conf. of DP and Privacy Commissioners (Oct. 2014) http://www.privacyconference2014.org/en/ Intl. DP Commissioners: Resolution on Big Data (Oct. 2014) http://epic.org/redirect/101714-dp-big-data.html UN: Report on the "Right to privacy in the digital age" (June 2014) http://epic.org/redirect/101714-un-digital-privacy.html DP Commissioners: Declaration on Internet of Things (Oct. 14, 2014) http://epic.org/redirect/101714-dp-internet-things.html EPIC et al.: Petition on Big Data Comment Process (Feb. 10, 2014) http://epic.org/privacy/Ltr-to-OSTP-re-Big-Data.pdf The White House: "Big Data and the Future of Privacy" (May 1, 2014) http://epic.org/redirect/051614-wh-big-data.html EPIC: Comments on OSTP Privacy Report (Apr. 4, 2014) http://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf EPIC: Big Data and Privacy http://epic.org/privacy/big-data/ EPIC: Internet of Things http://epic.org/privacy/internet/iot/default.html ======================================================================== [7] EPIC in the News ======================================================================== "New Apple and Google Products Could Be Public Safety Hazard, FBI Chief Warns." ABC News, Oct. 16, 2014. http://abcnews.go.com/US/apple-google-products-public-safety- hazard-fbi-chief/story?id=26251483 "From a Legal Standpoint, Should You Go With Google Docs or Office Online?" Entrepreneur, Oct. 14, 2014. http://www.entrepreneur.com/article/237609 "Wandering Eye: An update in a murder-for-hire case, carrying your Nobel Prize in the airport, and more." Baltimore City Paper, Oct. 14, 2014. http://www.citypaper.com/blogs/the-news-hole/bcp-wandering-eye-an- update-in-a-murderforhire-case-carrying-your-nobel-prize-in-the- airport-and-more-20141014,0,5125762.story#sthash.OaCs1WtZ.dpuf "Full-body scanners used for local inmates may be flawed." Lansing State Journal, Oct. 14, 2014. http://www.lansingstatejournal.com/story/news/local/2014/10/14/ full-body-scanners-used-local-inmates-may-flawed/17268169/ "Snapchat under fire following photo leak." The Hill, Oct. 13, 2014. http://thehill.com/policy/technology/220560-snapchat-under-fire- following-photo-leak "High-tech cameras are watching you." Granite Falls [NC] Advocate- Tribune, Oct. 13, 2014. http://www.granitefallsnews.com/article/ZZ/20141013/NEWS/141019980/ -1/sports "Latest Internet voting reports show failures across the board." Al Jazeera America, Oct. 8, 2014. http://america.aljazeera.com/articles/2014/10/8/latest-internet- votingreportsshowfailuresacrosstheboard.html "EPIC Sues CIA For Release Of Senate Spying Report." Tech Dirt, Oct. 8, 2014. https://www.techdirt.com/articles/20141005/09043428734/epic-sues- cia-release-senate-spying-report.shtml "Ed-Tech Companies Pledge Data-Privacy Protections, Draw Skepticism." Education Week, Oct. 8, 2014. http://blogs.edweek.org/edweek/DigitalEducation/2014/10/ed-tech_ companies_pledge_data-.html "Microsoft and Other Firms Pledge to Protect Student Data." The New York Times, Oct. 7, 2014. http://www.nytimes.com/2014/10/07/business/microsoft-and-other- firms-pledge-to-protect-student-data.html?_r=0 "Facebook Will Continue Experimenting On Users Under Closed Guidelines." Science 2.0, Oct. 4, 2014. http://www.science20.com/the_conversation/facebook_will_continue_ experimenting_on_users_under_closed_guidelines-146261 "CIA Mum Regarding Surveillance of U.S. Senate." Courthouse News Service, Oct. 3, 2014. http://www.courthousenews.com/2014/10/03/72098.htm "Facebook's new research guidelines don't impress the professionals." PC World, Oct. 2, 2014. http://www.pcworld.com/article/2691412/facebooks-new-research- guidelines-dont-impress-the-professionals.html "Facebook Promises Deeper Review of User Research, but Is Short on the Particulars." The New York Times, Oct. 2, 2014. http://www.nytimes.com/2014/10/03/technology/facebook-promises-a- deeper-review-of-its-user-research.html "Privacy advocates sue Pentagon over Internet voting test results." The Washington Post, Oct. 2, 2014. http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/02/ privacy-advocates-sue-pentagon-over-internet-voting-test-results/ "CIA sued over Senate spying." The Hill, Oct. 2, 2014. http://thehill.com/policy/technology/219636-cia-sued-over-senate- spying "Facebook still plans to study you, but promises to 'learn and improve'." PC World's The Hive, Oct. 2, 2014. http://www.techhive.com/article/2691199/facebook-still-plans-to- study-you-but-promises-to-learn-and-improve.html "Facebook Promises to Manipulate Your Emotions 'Differently'." National Journal, Oct. 2, 2014. http://www.nationaljournal.com/tech/facebook-promises-to-do-better- after-backlash-for-manipulating-users-emotions-20141002 "Facebook Inc says it will be more transparent after manipulating news feeds in psychology experiment." Financial Post, Oct. 2, 2014. http://business.financialpost.com/2014/10/02/facebook-inc-says-it- will-be-more-transparent-after-manipulating-news-feeds-in- psychology-experiment/?__lsa=aea1-03ed "Three years later, Pentagon unit still hides Internet voting test results." McClatchyDC, Oct. 1, 2014. http://www.mcclatchydc.com/2014/10/01/241746_three-years-later- pentagon-unit.html?sp=/99/104/&rh=1 "Cedars-Sinai says number of patient files in data breach much higher." Los Angeles Times, Oct. 1, 2014. http://www.latimes.com/business/la-fi-cedars-data-breach-20141002- story.html "Facebook's Targeted Ads Expand to the Web." The New Yorker, Sept. 30, 2014. http://www.newyorker.com/business/currency/facebook-targeted-ads- raise-new-privacy-questions For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] EPIC Bookstore ======================================================================= "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= "The Year in Government Information: NSA Revelations, FOIA Developments, and More." Speaker: EPIC Senior Counsel Alan Butler. Washington, DC: ABA Administrative Law Conference 2014, October 17, 2014. For More Information: http://www.americanbar.org/content/ebus/events/ 2014/administrative-law-fall-conference-2014/schedule.html. Georgetown University Presents "An Evening Not to Be Forgotten." Speaker: EPIC Open Government Fellow John Tran. Washington, DC: October 20, 2014. For More Information: http://guevents.georgetown.edu/ event/an_evening_not_to_be_forgotten#.VEB29ec5hTR. OECD Experts on International Security Guidelines. Speaker: EPIC President Marc Rotenberg. Paris: Oct. 27, 2014. For More Information: http://www.oecd.org/internet/ieconomy/2002-security-guidelines- review.htm. Georgetown Law Center Presents "The Privacy Act @40." Washington, DC: October 30, 2014. For More Information: http://www.law.georgetown.edu/ academics/centers-institutes/privacy-technology/press-releases/ privacy-act-at-40.cfm. Maine Judicial Conference. Speaker: EPIC Associate Director Ginger McCall. Rockport, ME: October 30-31, 2014. For More Information: http://epic.org/2014/10/maine-judicial-conference.html. "Bird's Eye View: Transatlantic Data Exposures and Regulatory Enforcement." Speaker: EPIC Associate Director Ginger McCall. Scottsdale, AZ: Privacy XChange Forum, November 3, 2014. For More Information: http://privacyxchangeforum.com/agenda/pxf-2014-agenda. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.19------------------------