EPIC - Electronic Privacy Information Center

Focusing public attention on emerging privacy and civil liberties issues

EPIC Urges Supreme Court to Affirm Congress' Power to Pass Effective Privacy Laws

EPIC filed a "friend of the court" brief in the United States Supreme Court urging the Court to affirm Congress' power to enact strong statutes that protect consumer privacy. First American v. Edwards presents the question of whether a person can sue to enforce a provision of the Real Estate Settlement Procedures Act (RESPA), which gives individuals a right to untainted real estate referral services, and enforces this right by specifying an amount of damages for which violators are liable. Surprisingly, Facebook, Linkedin, Yahoo, and Zynga filed a brief in support of the bank First American and arguing against enforcement of privacy statutes in certain circumstances. EPIC then filed a brief in support of the consumer Edwards and argued that if the Court did not uphold statutory damage provisions, "it would become virtually impossible to enforce privacy safeguards in the United States." Statutory damage provisions help ensure compliance with Fair Information Practices, the foundation of modern privacy law. For more information, see EPIC: First American v. Edwards, and EPIC: Privacy Act.

Supreme Court Hears Oral Argument in Strip Search Case

The United States Supreme Court heard oral arguments on Wednesday in Florence v. Board of Chosen Freeholders of the County of Burlington. At issue in the case is whether the Fourth Amendment permits a jail to conduct a suspicionless strip search of every suspect, even those arrested for minor traffic offenses. The Petitioner Albert Florence was arrested based on an inaccurate police record of his previously resolved traffic fine. Florence was held for six days and subject to multiple strip searches before he was eventually brought before a judge and released. EPIC successfully argued before the Third Circuit in Doe v. Luzerne that an individual has a reasonable expectation of privacy in remaining free from the government’s recording of nude images. EPIC also filed a “Friend of the Court” brief in Herring v. US, involving a Fourth Amendment challenge to an arrest and search based on incorrect information in a government database. For more information, see EPIC: Herring v. US.

Federal Appeals Court Protects Employees from Covert Video Recording

The Third Circuit Court of Appeals ruled that a police deputy's privacy claims against her employer can proceed despite the government's objections. The case involves Jane Doe, who was secretly videotaped by a co-worker during a mandatory decontamination shower. The digital footage was uploaded onto a government computer and disclosed over the municipal network. The appeals court held that Ms. Doe had a reasonable expectation of privacy in remaining free from videotaping during the shower, and wrote "the potential harm of nonconsensual disclosure [of the video] is exacerbated by the existence of the Internet, where one can upload image and video files and irretrievably share them with the world in a matter of moments." EPIC filed a brief and presented oral argument in the case, stating that the case "presents novel privacy issues involving new technology" and that "the District Court failed to appreciate the unique damage caused by unlawful disclosures over computer networks." For more, see EPIC: Doe v. Luzerne.

Congressional Watchdog: DHS Data Mining Programs Pose Risk to Privacy

The Government Accountability Office has performed a detailed evaluation of data mining practices at the Department of Homeland Security. According to the report, privacy protections and transparency are vital to data mining operation, however the Department's practices did not "adequately ensure the protection of privacy-related information." in 2009, EPIC called for an investigation of the Department's Privacy Office and said that the Chief Privacy Officer was not complying with the statutory requirements to protect privacy. For more information, see EPIC: Department of Homeland Security Chief Privacy Office and Privacy.

Documents Obtained by EPIC Reveal Government's "Minority Report" Scanning Program

Through a Freedom of Information Act request, EPIC has obtained documents from the Department of Homeland Security about a secretive "pre-crime" detection program. The "Future Attribute Screening Technology" (FAST) Program gathers "physiological measurements" from subjects, including heart rate, breathing patterns, and thermal activity, to determine "malintent." According to the documents obtained by EPIC, the agency is considering the use of the device at conventions and sporting events, and has already conducted field testing. CNET first reported on the EPIC FOIA request. For more information, see: EPIC: Future Attribute Screening Technology Project.

Appeals Court: Noncitizens Protected by Electronic Communications Privacy Act

A federal appeals court has ruled in Suzlon Energy v. Microsoft Corp. that foreign citizens are protected by the Electronic Communications Privacy Act. The decision is not that surprising as the Electronic Communications Privacy Act protects consumer data, without regard to nationality, by forbidding companies from disclosing communications data with third parties in most circumstances. Suzlon involved a civil suit in which Microsoft refused to disclose data from the Hotmail email account of Rajagopalan Sridhar, an Indian citizen. The court ruled that Sridhar was protected by the Electronic Communications Privacy Act and that Microsoft correctly refused to disclose communications from Sridhar's email account. For more information, see EPIC: Wiretapping.

EPIC Urges Supreme Court to Affirm Privacy Act Remedies

EPIC filed a "friend of the court" brief in the United States Supreme Court urging the Court to enforce the rights granted under the Privacy Act, which regulates the use of personal information held by federal agencies. EPIC argued that the government should not be allowed to avoid liability by asserting that it caused only mental and emotional harm when it intentionally and willfully violated the federal statute. FAA v. Cooper involves the Social Security Administration's disclosure of a pilot’s HIV status. The lower court held that "the term 'actual damages'" in the Privacy Act "unequivocally encompasses nonpecuinary damages." EPIC urged affirmance of the decision, stating that the Privacy Act "provides compensation for harm suffered" and aims to "ensure compliance with statutory obligations." For more information, see EPIC: US v. Cooper, and EPIC: Privacy Act.

EPIC Urges Supreme Court to Uphold Fourth Amendment in GPS Case

EPIC filed a "friend of the court" brief in the United States Supreme Court urging the Court to limit the scope of pervasive GPS surveillance by upholding robust Fourth Amendment protections. Along with 30 legal and technical experts, EPIC argued that 24-hour GPS surveillance by law enforcement constitutes a "search" under the Fourth Amendment. US v. Jones involves the government's use, without a judicial warrant, of a GPS device to track a person "24/7." The lower court held that "the use of the GPS device violated [Jones'] 'reasonable expectation of privacy,' and was therefore a search subject to the reasonableness requirement of the Fourth Amendment." Arguing in support of the earlier decision, EPIC said "it is critical that police access to GPS tracking be subject to a warrant requirement." For more information, see EPIC: US v. Jones, and EPIC: Locational Privacy.

Seventh Circuit Court Hears Oral Argument in Students' Privacy Case

The US Court of Appeals for the Seventh Circuit heard oral arguments today in Chicago Tribune v. University of Illinois. EPIC filed a "friend of the court" brief in the case, which concerns student privacy rights protected by the Family Educational Rights and Privacy Act ("FERPA"). EPIC's brief argued that Congress intended to protect student records, including admissions files, from unauthorized release and that Illinois' open government law must yield to the federal privacy law. In this case, the Tribune requested documents from the University of Illinois, under Illinois' open government law, while investigating alleged corruption in the admissions practices of the University. The University denied the Tribune's request, stating that the requested documents contained the personally identifiable information of students and were thereby protected by federal law. A lower federal court found that Illinois law required the documents to be released. The Depart of Justice also filed a brief in support of student privacy in the case. For more information, see EPIC: Chicago Tribune v. University of Illinois and EPIC: Student Privacy.

EPIC-Led Coalition Calls for FTC Facebook Investigation

EPIC, joined by other privacy, consumer, and civil liberties groups, which include the American Civil Liberties Union, Consumer Action, American Library Association, and the Center for Digital Democracy asked the Federal Trade Commission to investigate Facebook. Facebook had been secretly tracking users after they logged off of Facebook’s webpage, and had recently announced changes in business practices that “[gave] the company far greater ability to disclose the personal information of its users to its business partners...” EPIC’s complaint regarding Facebook’s facial recognition is still pending before the FTC. For more information, see EPIC: Facebook Privacy and EPIC: Federal Trade Commission.

Bankrupt Borders Sells Customer Data to Barnes & Noble

A bankruptcy court in New York has approved the sale of customer information, including email addresses, phone numbers, mailing addresses, and birthdates, from Borders to Barnes & Noble, following an earlier determination that the transfer violated Border's privacy policy. The judge has now required that former Borders customers receive an email notification and that the companies place prominent notices on their web sites and take outs ads in USA Today. Customers will have 15 days to opt-out of the transfer.

Documents Obtained by EPIC Reveal FBI Watch List Details

EPIC has obtained documents that reveal new details about standards for adding and removing names from the FBI watch list. The documents were obtained as the result of an EPIC Freedom of Information Act request to the Federal Bureau of Investigation. The FBI's standard for inclusion on the list is "particularized derogatory information," which has never been recognized by a court of law. Also, individuals may remain on the FBI watch list even if charges are dropped or a case is dismissed. The New York Times broke the story and posted the documents obtained by EPIC. For more information, see EPIC: FBI Watch List FOIA and EPIC: Open Government.