epic.org http://epic.org/ en-us Copyright 2021 Tue, 02 Mar 2021 15:28:46 -0500 http://www.sixapart.com/movabletype/ http://blogs.law.harvard.edu/tech/rss AI Commission Report Recommends Key Safeguards, But No Binding Limits on AI Use National Security Commission on Artificial Intelligence has issued its final report on the use of AI in national security and defense settings. The report urges Congress and the President to implement key safeguards on federal AI deployment, including mandating AI impact and risk assessments, updating standards for Privacy Act notices and privacy impact assessments, establishing an independent auditor for AI systems, empowering the Privacy and Civil Liberties Oversight Board to conduct AI oversight, and establishing a task force to recommend legal restrictions on the use of AI. However, the report fails to propose any substantive limits on AI use for Congressional enactment, as EPIC urged the Commission to do last year. "Unless express, binding limits on the use of AI are established now, the technology will quickly outpace our collective ability to regulate it," EPIC wrote. "The Commission cannot simply kick the can down the road, particularly when governments, civil society, and private sector actors have already laid extensive groundwork for the regulation of AI." Controversially, the AI Commission's final report also fails to endorse a ban on the use of autonomous weapons. The report was approved at the Commission's final meeting, which was open to the public as a result of EPIC's lawsuit. EPIC successfully sued the AI Commission in order to enforce its transparency obligations, forcing the Commission to hold open meetings and disclose thousands of pages of records. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).]]> http://epic.org/2021/03/ai-commission-report-recommend.html http://epic.org/2021/03/ai-commission-report-recommend.html Top News AI Commission Tue, 02 Mar 2021 15:28:46 -0500 EPIC Files D.C. Consumer Protection Complaint Against Amazon Over Unfair and Deceptive User Interface complaint with the D.C. Attorney General alleging that Amazon unlawfully employs manipulative "dark patterns" in the Amazon Prime subscription cancellation process. Dark patterns "are design features used to deceive, steer, or manipulate users into behavior that is profitable for an online service, but often harmful to users or contrary to their intent." Amazon employs dark patterns when customers attempt to cancel their Amazon Prime subscriptions, effectively preventing them from ending their memberships, charging users recurring fees, and continuing to collect, retain, and use the personal data of misdirected subscribers. EPIC's complaint calls on the D.C. Attorney General to halt Amazon's use of dark patterns. EPIC also warned the company that it is prepared to file suit under D.C.'s consumer protection law if Amazon fails to correct its unlawful business practices. EPIC recently signed onto a coalition letter urging the FTC to investigate Amazon's use of dark patterns in the Prime cancellation process.]]> http://epic.org/2021/02/epic-files-dc-consumer-protect-1.html http://epic.org/2021/02/epic-files-dc-consumer-protect-1.html Top News Amazon consumer protection dark patterns DCCPPA Sun, 28 Feb 2021 10:27:19 -0500 EPIC, Coalition Call on Biden Administration to Abandon "Virtual Border Wall," Invest in Migrant Communities letter to the Biden administration, EPIC and a coalition of 40 privacy, immigration, and civil liberties organizations urged the administration to abandon the proposed U.S. Citizenship Act of 2021 as an extension of the Trump administration's border policy. The proposed legislation would direct DHS to deploy a bevy of biometric and other surveillance technologies at points of entry and along the southern border. The letter describes how such technologies endanger the lives of migrants by pushing them onto more dangerous travel routes. The use of surveillance technologies at the border inevitably extends into the interior, where they are deployed against protesters, communities of color, and indigenous peoples. EPIC recently urged DHS to rescind a proposed rule increasing the agency's collection of biometric information.]]> http://epic.org/2021/02/epic-coalition-call-on-biden-a.html http://epic.org/2021/02/epic-coalition-call-on-biden-a.html Top News biometrics border Thu, 25 Feb 2021 14:00:07 -0500 EPIC, Coalition Urge NYPD to Limit Use of Surveillance Technologies and Disclose More Information on Their Use comments to the New York Police Department, EPIC called for meaningful limits on the use of mass surveillance technologies including facial recognition, airplanes and drones, automated license plate readers, and social media monitoring tools. EPIC also joined with privacy and civil liberties advocates and academics in coalition comments urging the NYPD to make a good faith effort to meet the requirements of the Public Oversight of Surveillance Technologies (POST) Act. The POST Act requires the NYPD to publish impact statements and use policies for 36 surveillance technologies. The Department's draft policies fail to disclose necessary information including detailed data storage, retention, and auditing practices, do not name the vendors of these technologies, and gloss over systemic racial discrimination in the use of these technologies with boilerplate language. The disclosures illuminate the use of technologies by the NYPD that enable mass surveillance and have extensive documented risks of bias and inaccuracy. EPIC leads a campaign to Ban Face Surveillance, and through the Public Voice coalition gathered support from over 100 organizations and experts from more than 30 countries.]]> http://epic.org/2021/02/epic-coalition-urge-nypd-to-li.html http://epic.org/2021/02/epic-coalition-urge-nypd-to-li.html Top News biometrics facial recognition license plate recognition social media monitoring surveillance Thu, 25 Feb 2021 10:30:00 -0500 EPIC and Coalition Urge Biden Administration to Commit to Transparency and Adopt New FOIA Guidelines letter to President Biden to commit to making transparency a top priority in his new administration. President Biden has pledged to "bring transparency and truth back to government," and advocates like EPIC intend to hold his administration accountable to these promises. The group asked the President to, among other things: direct agencies to adopt new Freedom of Information Act guidelines that prioritize transparency and the public interest; direct the Attorney General to issue new FOIA guidance; assess, preserve, and disclose key records of the previous administration; endorse legislative improvements for public records laws like FOIA and the Public Records Act; and seek funding increases for public records laws. The letter emphasized that "[a]s our country's history has shown us time and time again, when government secrecy proliferates, so do civil liberties violations and obstacles to democratic accountability." EPIC's Open Government Project frequently makes use of the FOIA to obtain information from the government, often litigating to force disclosure of agency records that impact critical privacy interests.]]> http://epic.org/2021/02/epic-and-coalition-urge-biden-.html http://epic.org/2021/02/epic-and-coalition-urge-biden-.html Top News FOIA open government Mon, 22 Feb 2021 17:05:50 -0500 EPIC Obtains Number of Location Data Requests from U.S. Attorney's Office for the District of Delaware lawsuit against the Justice Department in 2018 when the agency failed to respond. The agency has now begun issuing responses from 5 of its U.S. Attorneys' Offices. The first response is from the District of Delaware, and shows that from 2016-2019 the prosecutors in that office had 150 applications and orders for cell phone location data under 摟 2703(d). Over that same period the attorneys handled 351 criminal cases. EPIC is still waiting for responses from 4 of the agency's other prosecutors' offices. EPIC will maintain a comparative table as each district releases more information. Prosecutors do not currently release any comprehensive or uniform data about their surveillance of cell phone location data. In contrast, the Administrative Office for the U.S. Courts releases detailed reports each year about the use of federal wiretap authority. The U.S. Supreme Court ruled in 2018 in Carpenter v. United States that collection of cell phone location data without a warrant violated the Fourth Amendment. The case is EPIC v. DOJ, No. 18-1814 (D.D.C).]]> http://epic.org/2021/02/epic-obtains-number-of-locatio.html http://epic.org/2021/02/epic-obtains-number-of-locatio.html Top News Carpenter v. United States EPIC v. DOJ FOIA location data wiretap Mon, 22 Feb 2021 14:55:02 -0500 EPIC, Coalition Urge Biden Administration to Halt Use of Facial Recognition coalition letter, EPIC and over 40 other privacy, civil liberties, and civil rights groups called on the Biden administration to 1) place a moratorium on federal use of facial recognition and other biometric technologies, 2) stop state and local governments from purchasing facial recognition services with federal funds, and 3) support the Facial Recognition and Biometric Technology Act. The coalition letter highlights the threat of facial recognition to create a panopticon of surveillance, the particular harms to people of color, women, and youth from mis-identification by facial recognition, and widespread adoption of facial recognition without public input. Last year, EPIC and a coalition of privacy, civil liberties, and civil rights groups urged Congress to pass Senator Markey's Facial Recognition and Biometric Technology Act bill. In 2019, EPIC launched a campaign to鈥?a href="/banfacesurveillance/ " target="_blank">Ban Face Surveillance鈥痑nd through the鈥?a target="_blank">Public Voice coalition鈥痝athered the鈥?a target="_blank">support鈥痮f over 100 organizations and many leading experts across 30 plus countries.]]> http://epic.org/2021/02/epic-coalition-urge-biden-admi.html http://epic.org/2021/02/epic-coalition-urge-biden-admi.html Top News facial recognition surveillance Wed, 17 Feb 2021 11:55:00 -0500 FTC Commissioner Wilson Signals Openness to Data Privacy Rulemaking Christine Wilson, one of four current members of the Federal Trade Commission, said Friday that she is open to using the FTC's rulemaking authority to regulate data privacy. "I would hope that Congress will act, but if Congress doesn't act, maybe we do spend that time," Politico quoted Commissioner Wilson as saying during a Silicon Flatirons event. EPIC has long urged the FTC to impose clear privacy obligations on companies that collect and use personal data, including by exercising the Commission's underused rulemaking power. In 2020, EPIC filed a petition with the FTC calling on the Commission to conduct a rulemaking on the use of artificial intelligence in commercial settings. "By defining unfair and deceptive practices ex ante, and with specificity, a trade regulation rule would make it easier for the FTC to take action against parties that harm consumers," EPIC explained. Acting FTC Chair Rebecca Kelly Slaughter and Commissioner Rohit Chopra have previously signaled their support for using the FTC's rulemaking authority to address consumer privacy issues.]]> http://epic.org/2021/02/ftc-commissioner-wilson-signal.html http://epic.org/2021/02/ftc-commissioner-wilson-signal.html Top News consumer privacy FTC Fri, 12 Feb 2021 16:14:15 -0500 EPIC to Maryland Legislators: Security Questions Need Upgrade testify today before the Maryland Senate Committee on Finance in support of stronger authentication methods to protect consumers. Senate Bill 185 requires financial institutions who choose to use security questions as a authentication method to provide customers with more than one security question option. EPIC noted that there are plenty of alternative authentication methods available today and that financial institutions truly should no longer be using basic security questions. "The requirement that your password contain one uppercase letter, one lowercase letter, one symbol, and one number is meaningless if all that is required to bypass that password is your pet’s name," EPIC told the Committee. But, EPIC said, if security questions are going to be used, institutions should ensure that multiple question options are given, and that users are permitted to answer the questions with randomly-generated password-like answers rather than factual, semantic answers. ]]> http://epic.org/2021/02/epic-to-maryland-legislators-s.html http://epic.org/2021/02/epic-to-maryland-legislators-s.html Top News cybersecurity state policy Tue, 09 Feb 2021 10:31:24 -0500 EPIC & National Consumer Law Center Tell Court Not to Let Robocallers Off the Hook amicus brief in Lindenbaum v. Realgy, LLC, urging the Sixth Circuit to reject immunity for illegal robocalls made between 2015 and 2020. The case follows the Supreme Court’s decision in Barr v. American Association of Political Consultants, in which the Court held that an exception added in 2015 to the decades-old robocall restriction was unconstitutional and must be severed from the broad robocall ban. As defendant in a separate robocall suit, Realgy argued that the Supreme Court’s decision meant that the broad robocall ban was unenforceable for the period that the unconstitutional exception was in effect, from 2015-2020. The district court agreed and granted Realgy’s motion to dismiss. EPIC and NCLC filed an amicus brief arguing that granting robocallers immunity “would reward those who made tens of billions of unwanted robocalls and deprive consumers of any remedy for the incessant invasion of their privacy.” EPIC regularly files amicus briefs supporting consumers in illegal robocall cases.]]> http://epic.org/2021/02/epic-national-consumer-law-cen.html http://epic.org/2021/02/epic-national-consumer-law-cen.html Top News EPIC Amicus Filing Lindenbaum TCPA Tue, 02 Feb 2021 15:27:19 -0500 EPIC Urges NIST to Adopt Privacy-Protective Standards for Federal ID Cards comments responding to the National Institute of Standards and Technology's draft Federal Information Processing Standards for personal identity verification (ID cards and digital identity verification), EPIC urged the agency to adopt more privacy protective technology for federal employees and contractors. EPIC drew upon expertise from the Advisory Board for these comments. EPIC recently urged the Department of Homeland Security to suspend a new counterintelligence system of records which will collect biometric information. EPIC previously urged the Department of Transportation to provide more privacy protections for federal employees in the Insider Threat database.]]> http://epic.org/2021/02/epic-urges-nist-to-adopt-priva.html http://epic.org/2021/02/epic-urges-nist-to-adopt-priva.html Top News biometrics Identification Cards Tue, 02 Feb 2021 08:10:04 -0500 EPIC Gives International Privacy Award to Justice K.S. Puttaswamy (Retd.) and Shyam Divan Justice K.S. Puttaswamy, retired Justice of the Kamataka High Court and lead plaintiff in the case that established the constitutional right to privacy in India and challenged the country’s mandatory biometric data collection program Aadhaar, and Senior Advocate Shyam Divan, who was the lead attorney on the case. EPIC Interim Executive Director Alan Butler emphasized the significance of the Puttaswamy case, noting that it “was groundbreaking in ways that will reverberate for decades to come.” The decision supports the recognition of privacy as a fundamental human right, and the case forced limits on the collection of biometric data in the world’s second largest country. The ceremony took place online at the annual conference on Computers, Privacy, and Data Protection. ]]> http://epic.org/2021/01/epic-gives-international-priva-3.html http://epic.org/2021/01/epic-gives-international-priva-3.html Top News Thu, 28 Jan 2021 18:00:31 -0500 Hamburg DPA Deems Clearview AI's Biometric Photo database Illegal, Orders a Partial Deletion of Profile ruled that Clearview AI’s searchable database of biometric profiles is illegal under the EU’s GDPR and ordered the U.S. company to delete the claimant’s biometric profile. Clearview AI scrapes photos from websites to create a searchable database of biometric profiles. The database, which is marketed to private companies and U.S. law enforcement, contains over 3 billion images gathered from websites and social media. The claimant submitted a complaint to the Hamburg DPA after discovering that Clearview AI had added his biometric profile to the searchable database without his knowledge or consent. The DPA ordered Clearview to delete the mathematical hash values representing his profile but did not order Clearview to delete his captured photos. The DPA’s narrow order protects only the individual complainant because it is not a pan-European order banning the collection of any EU resident’s photos. The DPA decided that Clearview AI must comply with the GDPR, yet this narrow order places a burden on Europeans to have their profiles removed from the database. EPIC has long opposed systems like Clearview AI, filing an amicus brief before the 9th Circuit defending an individual's right to sue companies who violate BIPA and other privacy laws, submitting FOIA requests with several government agencies that use Clearview AI technology, and urgingthe Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.]]> http://epic.org/2021/01/hamburg-dpa-deems-clearview-ai.html http://epic.org/2021/01/hamburg-dpa-deems-clearview-ai.html Top News AI artificial intelligence biometrics Clearview facial recognition Thu, 28 Jan 2021 13:37:28 -0500 EPIC to Maryland Legislators: Enact Biometric Privacy Law EPIC Senior Counsel Jeramie Scott testified today to Senate and House Committees of the Maryland General Assembly in support of legislation protecting biometric information privacy. HB218 and SB16 are modeled after the Illinois Biometric Information Privacy Act (BIPA). Passed in 2008, BIPA has been referred to as one of the most effective and important privacy laws in America. "Unlike a password or account number, a person’s biometrics cannot be changed if they are compromised," EPIC told the Committees. EPIC stressed the importance of strong enforcement measures in privacy laws, particularly a private right of action. EPIC also submitted a recent case study on the Illinois law written by EPIC Advisory Board member Woody Hartzog. EPIC previously filed an amicus brief in Rosenbach v. Six Flags, where the Illinois Supreme Court unanimously decided that consumers can sue companies that violate the state's biometric privacy law. [Watch the hearing]

http://epic.org/2021/01/epic-to-maryland-legislators-e.html http://epic.org/2021/01/epic-to-maryland-legislators-e.html Top News biometrics BIPA policy Wed, 27 Jan 2021 13:34:55 -0500
European Parliament Guidelines Call for Moratorium on Facial Recognition report released on January 20, the European Parliament outlines the need for new legal frameworks for artificial intelligence and biometric surveillance. The report raises objections to both civilian and military uses of artificial intelligence, mass surveillance, and deepfakes. The European Parliament was particularly concerned with facial recognition technology, proposing a moratorium on its use in public and semi-public spaces. EPIC leads a campaign to Ban Face Surveillance through the Public Voice coalition.]]> http://epic.org/2021/01/european-parliament-guidelines.html http://epic.org/2021/01/european-parliament-guidelines.html Top News facial recognition surveillance Fri, 22 Jan 2021 14:15:00 -0500