Landau, "A Gateway for Hackers:
The Security Threat in
the New Wiretapping Law"

In EPIC Case for Wiretap Memos, Federal Judge to Review Justice Department Documents
In EPIC v. DOJ, EPIC, the ACLU, and the National Security Archive are seeking government documents regarding the President's warrantless wiretapping program. Today, a federal court ordered the Department of Justice to provide for inspection copies of legal memos authored by government lawyers. The opinions, prepared by the Office of Legal Counsel, provided the legal basis for the President to wiretap US citizens in the United States without court approval. EPIC began the Freedom of Information Act lawsuit in December 2005, after the New York Times first reported the details of the wiretap program. For more information, see EPIC's EPIC v. DOJ page. (Oct. 31)

Senators Seek Details of Terrorism Interrogations, Domestic Surveillance Activities
Senator Patrick Leahy issued a subpoena requiring Attorney General Michael Mukasey to disclose information regarding the federal government's terrorism-related activities, including its warrantless surveillance program. The Senate Judiciary Committee Chairman's subpoena requires the Attorney General to make public documents regarding the spy scheme. Lawmakers have sought this information for more than five years, but state that their efforts have been stonewalled by Bush administration officials. "There is no legitimate argument for withholding the requested materials from this Committee," Senator Leahy wrote. In December 2005, EPIC demanded the release of memos regarding the program. Some of those documents were disclosed in response to an EPIC lawsuit. Others remain secret pending the resolution of the case. Documents obtained by EPIC reveal that a former top official doubted that the spy program was legal. For more, see EPIC's National Security Agency's Warrantless Surveillance Program page. (Oct. 27)

International Privacy Conference Draws Attendees from 68 Countries
More than 600 participants attended the 30th annual International Conference of Data Protection and Privacy Commissioners in Strasbourg, France. The conference explored "Protecting privacy in a borderless world" through high-level panels with government officials, business leaders, technical experts, and privacy advocates. Delegates called for increased international co-operation and emphasized that data protection must play a more prominent role in public and private institutions. The conference said, "in light of recent scandals all over the world, a strong independent supervision with tangible sanction powers is more necessary than ever." Privacy commissioners issued resolutions on several topics, including Children's Online Privacy, International Privacy Standards, and Privacy in Social Network Services. For a comprehensive survey of privacy developments around the globe, purchase EPIC's Privacy and Human Rights report. (Oct. 24).

European Parliament Challenges Body Scanners
European Union lawmakers have voted overwhelmingly to oppose the adoption of "body scanners," devices that produce images of people as if they were naked. The sponsors specifically identified the risk that the images of naked travelers would be retained by private vendors and government agencies. The European Parliament instructed the European Commission to carry out a fundament rights impact assessment, consult with European privacy authorities, assess the health impact of the technology, and conduct a cost-benefit impact assessment. For more information, see EPIC Backscatter X-Ray Screening Technology and EPIC Spotlight on Surveillance: Transportation Agency's Plan to X-Ray Travelers Should Be Stripped of Funding. (Oct. 23)

Homeland Security Clears Secure Flight but Watchlist Questions Remain
The Department of Homeland Security announced today the Final Regulations for the Secure Flight program. All airlines will now be required to collect date of birth and gender from customers and provide this information to the TSA for watchlist verification. A DHS Redress number, if previously issued, would also be collected. EPIC has warned in Congressional testimony that accuracy problems will continue to plague Secure Flight unless passengers are able to challenge the government's watchlist determinations. EPIC also recommended that the redress procedures be modified to limit data collection and to prescribe penalties for Privacy Act violations. For more information, see EPIC Secure Flight page and "Spotlight on Surveillance: Secure Flight Should Remain Grounded Until Security and Privacy Problems Are Resolved." (Oct. 22)

Supreme Court to Hear Argument in Identity Theft Case
Today, the Supreme Court announced that it will review a case that imposed enhanced criminal identity theft penalties on a person who presented an identity document that contained his own name. The Court will determine whether individuals who include identification numbers that are not theirs, but don’t intentionally impersonate others, can be subject to harsher punishments under federal law. In Flores-Figueroa v. United States, the petitioner challenged his conviction for “aggravated identity theft” under the Identity Theft Penalty Enhancement Act, stating that he did not commit identity theft when he used an identity document with his real name and an identity number that was not his to maintain employment. For more information, see EPIC's Flores-Figueroa page. (Oct. 21).

E-Deceptive Campaign Practices Technology Report Released
EPIC's voting project releases the first report on the technology of deceptive campaign practices. Deceptive campaigns are attempts to misdirect voters regarding the voting process for public elections. Deceptive campaign activity can be false statements about polling times, date of the election, or voter identification rules. The EPIC report reviews the potential for abuse of Internet technology in an election context, and makes recommendations on steps that could be taken by Election Protection, Election Administrators, and voters to protect the integrity of the upcoming election. A legal and policy companion of the report was simultaneously released by Common Cause and the Lawyers Committee for Civil Rights Under Law. For more information, see EPIC's Voting Privacy page and Voting Project . (Oct 20)

National Academy Calls for Comprehensive Review of Counterterrorism Programs for Effectiveness, Privacy Impacts
According to a new report from the National Research Council, all U.S. agencies with counterterrorism programs that collect or "mine" personal data -- such as phone records or Web sites visited -- should be required to evaluate the programs' effectiveness, lawfulness, and impacts on privacy. The report -- "Protecting Individual Privacy in the Struggle Against Terrorism: A Framework for Program Assessment -- sets out a program checklist agencies should follow, and urges Congress to establish new restrictions on how agencies can collect and use personal data. Press Release. Podcast. Webcast. Report (pdf). EPIC has written extensively on the problems with data mining and opposed the establishment of Total Information Awareness. (Oct. 7)

UPDATED - Supreme Court Hears Argument in Police Database Errors Case.
Today, the U.S. Supreme Court heard arguments in Herring v. United States. The case will determine whether an arrest based on inaccurate information in a criminal justice database should be upheld. EPIC filed a "friend of the court" brief (pdf) in the case, urging the Justices to ensure the accuracy of police databases. The EPIC brief was filed on behalf of 27 legal scholars and technical experts and 13 privacy and civil liberty groups. EPIC explained how government databases are becoming increasingly unreliable, according to the government's own studies and urged the Court to “ensure an accuracy obligation on law enforcement agents who rely on criminal justice information systems.” The amici warned that, “to permit a good faith reliance on data that is inaccurate, incomplete, or out of date will actually exacerbate the problem and increase the likelihood of unfair treatment in the criminal justice system.” Transcript. For more, see EPIC's Herring v. U.S. page. (Oct. 7)

EPIC Publishes Open Government Litigation Manual
Today, EPIC published the 2008 edition of "Litigation Under the Federal Open Government Laws." It is the most comprehensive, authoritative discussion of the federal open access laws. The 24th edition of this standard reference work features updated content and a foreword by Senator Patrick Leahy, co-sponsor of the OPEN Government Act of 2007. The book contains the texts of the US open government laws, including the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. Today's publication date celebrates International Right to Know Day, which was established to raise awareness of every individual's right of access to government-held information. For more, see EPIC's 2008 FOIA Litigation Manual. (Sept. 26)

EPIC Urges FTC to Establish Privacy Safeguards for RFID Tags
In comments to the Federal Trade Commission, EPIC reiterated recommendations (pdf) it made in 2004 to the consumer protection agency to address the risks to consumer safety of the unregulated use of RFID tags that reveal personal data. The FTC is hosting a “Transatlantic RFID Workshop on Consumer Privacy and Data Security" to discuss consumer concerns. The workshop follows an event, organized by the US Department of Commerce, promoting the benefits of RFID. Comments on RFID may be submitted to the FTC until October 23. For more, see EPIC's RFID Privacy page. (Sept. 22).

Previous Top News Archive

Spotlight on Surveillance

Proposed ‘Enhanced’ Licenses Are Costly to Security and Privacy

Hot Topics

October 2008
Automated Targeting System
Deep Packet Inspection
Domestic Surveillance
Facebook
FISA
Fusion Centers
Google/DoubleClick
Iraqi Biometric Identification System
Medical Record Privacy
National ID
National Security Letters
Open Government
Olympic Privacy
Passport Privacy
Phone Records
Search Engine Privacy
Social Networking Privacy
Voter Registration Databases

EPIC Docket Highlights

October 2008
EPIC v. FTC
EPIC v. VSP (Fusion Centers)
EPIC FTC Complaint (Google)
Gonzales v. ACLU
EPIC v. DHS (passenger data)
EPIC v. DOJ (NSA surveillance)
EPIC v. DOJ (IOB reports)
EPIC v. DOD (TIA/fee waiver)
Illegal Sale of Phone Records

EPIC amicus briefs:
Bunnell v. MPAA (Wiretap)
Crawford v. Marion County (Voter ID)
Doe v. Chao (Privacy Act)
BATF v. Chicago (FOIA)
Watchtower Bible v. Stratton (Anonymity)
Reno v. Condon (DPPA)
Smith v. Doe (Megans Law)
Gilmore v. Ashcroft (Secrecy)
ACLU v. DOD (Secrecy)
Gonzales v. Doe (Wiretap)
Hepting v. AT&T (Wiretap)
Herring v. US (Errors in databases)
Hiibel v. Nevada (Anonymity)
IMS Health v. Ayotte
(Medical privacy)
Kehoe v. Fidelity Bank (Consumer privacy)
Kohler v. Englade (DNA)
NCTA v. FCC (Phone records privacy)
New Jersey v. Reid
(ISP subscriber privacy)
Peterson v. NTIA (WHOIS data)
US v. Councilman (Wiretap)

Complete EPIC Docket