Electronic Privacy Information Center

Electronic Privacy Information Center or "EPIC" is a public interest research group in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values in the information age. EPIC pursues a wide range of activities, including privacy research, public education, conferences, litigation, publications, and advocacy.

EPIC maintains two of the world's most popular privacy sites - epic.org [http://www.epic.org] and privacy.org [http://www.privacy.org] - and publishes the online EPIC Alert [http://www.epic.org/alert/] every two weeks with information about emerging privacy and civil liberties issues. EPIC also publishes "Privacy and Human Rights, Litigation Under the Federal Open Government Laws, The Public Voice WSIS Sourcebook, The Privacy Law Sourcebook," and "The Consumer Law Sourcebook". EPIC litigates high-profile privacy, First Amendment, and Freedom of Information Act cases. EPIC advocates for strong privacy safeguards.

In addition to maintaining privacy.org, EPIC also coordinates the Public Voice coalition [http://www.thepublicvoice.org] , and the Privacy Coalition [http://www.privacycoalition.org] . EPIC also established the National Committee on Voting Integrity [http://www.votingintergrity.org] .

Background

EPIC was founded in 1994 by David Banisar, Marc Rotenberg, and David Sobel, as a joint project of the Fund for Constitutional Government and Computer Professionals for Social Responsibility. Early on, the organization focused on government surveillance and cryptography issues, such as the Clipper Chip and the Communications Assistance for Law Enforcement Act, or CALEA. After becoming an independent non-profit organization in November 2000, EPIC has continued to work on government surveillance issues and on a growing number of consumer privacy issues, such as identity theft, phone record security, medical record privacy, and commercial data mining. EPIC also works to increase government transparency by filing Freedom of Information Act requests to obtain and make public government documents. EPIC has also been active in promoting secure, verifiable, and privacy-guarding methods for electronic voting.

Organizational Structure

EPIC is registered as a non-profit Public Charity, and receives most of its funding from organizational and individual contributors, as well as through grants and the sale of its publications.

Criticisms

EPIC has been criticized by both opponents and supporters for what are seen as its extreme positions on privacy issues. The June 1995 issue of WIRED magazine [http://www.wired.com/wired/archive/3.06/eword.html] quoted a member of the Electronic Frontier Foundation as saying that EPIC "made everybody else at the table look moderate. It's the old good-cop-bad-cop routine."

Publications

EPIC maintains and publishes its newsletter, the EPIC Alert [http://www.epic.org/alert/] , every two weeks.

EPIC also publishes several books on privacy and open government, including "Privacy and Human Rights, Litigation Under the Federal Open Government Laws, Filters and Freedom, The Public Voice WSIS Sourcebook, The Privacy Law Sourcebook," and "The Consumer Law Sourcebook".

Other publications include reports on internet privacy for web surfers, an analysis of industry self-regulation, and how Internet filtering software can block innocuous sites.

EPIC also maintains privacy.org [ [http://www.privacy.org Privacy.org] ] and the Privacy Coalition [ [http://www.privacycoalition.org Privacy Coalition ] ] . In addition, EPIC coordinates the Public Voice [ [http://www.thepublicvoice.org Public Voice] ] coalition, launched in 1996 to promote public and NGO participation in decisions concerning the future of the Internet, as well as the National Committee for Voting Integrity, [ [http://www.votingintegrity.org National Committee for Voting Integrity] ] which was established to promote voter-verified balloting and to preserve privacy protections for elections in the United States.

History, Milestones, Cases, Congressional Testimony

* April 2007: EPIC, along with the Center for Digital Democracy and U.S. PIRG, filed a complaint [http://epic.org/privacy/ftc/google/epic_complaint.pdf] with the Federal Trade Commission, urging the Commission to open an investigation into the proposed acquisition of DoubleClick by Google. The groups urged the FTC to assess the ability of Google to record, analyze, track, and profile the activities of Internet users with data that is both personally identifiable and data that is not personally identifiable. The groups further urged the FTC to require Google to publicly present a plan to comply with well-established government and industry privacy standards such as the OECD Privacy Guidelines. Pending the resolution of these and other issues, EPIC encouraged the FTC to halt the acquisition.
* April 2007: In response to a petition filed by EPIC, the Federal Communications Commission issued rules to protect the privacy of consumers' telephone records.
* March 2007: In testimony [http://www.epic.org/privacy/iei/roten_hcom0307.pdf] before the House Committee on Energy and Commerce, EPIC Executive Director Marc Rotenberg expressed support for H.R. 936, the Prevention of Fraudulent Access to Phone Records Act.
* February 2007: In testimony [http://www.epic.org/privacy/iei/hr251test.pdf] before the House Committee on Energy and Commerce, EPIC staff counsel Allison Knight testified in support of the Truth in Caller ID Act of 2007.
* November 2006: EPIC joined with other organizations in urging the Supreme Court to review Gilmore v. Gonzales. The case concerns a secret rule that allows airport personnel to require travelers in the United States to produce identification. EPIC's brief said that the secret agency rule "offends the Constitution and implicates the rights of millions of American travelers who are presently subject to arbitrary and unaccountable governmental authority."
* May 2006: EPIC Executive Director Marc Rotenberg testified [http://www.epic.org/privacy/iei/hr5126test.pdf] ] at a hearing before the House Subcommittee on Telecommunications and the Internet on the Truth in Caller ID Act of 2006, a bill that would outlaw "spoofing" telephone calls.
* April 2006: EPIC filed a friend of the court brief [http://www.epic.org/privacy/peterson/epic_peterson_amicus.pdf] in Peterson v. NTIA supporting the rights of .US domain name holders not to publish their personal information on the Internet. In 2005, the Department of Commerce, which administers the .US domain, banned users from using proxy services that would protect privacy.
* February 2006: In testimony [http://epic.org/privacy/iei/sencomtest2806.html] before the Senate Committee on Commerce, Science and Transportation, EPIC Executive Director Marc Rotenberg called for a ban on the sale of communications records, as well as a ban on "pretexting," the practice of using false pretenses to trick a company into releasing personal information.
* February 2006: In a Freedom of Information Act complaint [http://epic.org/privacy/nsa/amended_complaint.pdf] filed in federal court, EPIC sought the release of National Security Agency documents detailing the Administration's warrantless domestic surveillance program.
* February 2006: EPIC Executive Director Marc Rotenberg testified [http://epic.org/privacy/iei/pretext_testimony.pdf] before the House Committee on Energy and Commerce on the sale of personal phone records. EPIC called for laws that would ban pretexting (a technique used by data brokers to obtain personal information), as well as enhanced security procedures, and restrictions on the collection of customer data.
* January 2006: The Federal Trade Commission announced a settlement with data broker Choicepoint, under which the company had to pay $10 million to the Commission and $5 million to redress consumer harms. It was the largest civil penalty in FTC history. EPIC had filed a complaint with the Federal Trade Commission in December 2004 urging the agency to investigate the compilation and sale of personal dossiers by data brokers such as ChoicePoint.
* January 2006: EPIC filed a Freedom of Information Act lawsuit [http://epic.org/privacy/nsa/complaint_doj.pdf] against the Justice Department, asking a federal court to order the disclosure of information about the Administration's warrantless domestic surveillance program within 20 days.
* January 2006: EPIC filed suit [http://epic.org/privacy/terrorism/iob_complaint.pdf] in federal court against the Justice Department for reports of possible misconduct submitted by the FBI to the Intelligence Oversight Board.
* November 2005: EPIC testified before the House Homeland Security Committee and warned that the new plan for passenger screening was still flawed. EPIC recommended that the program not go forward until its problems were fixed.
* November 2005: Judge Gladys Kessler ordered the FBI to publicly release or account for 1,500 pages responsive to EPIC's Freedom of Information Act request every fifteen days.
* October 2005: Documents obtained by EPIC under the Freedom of Information Act described thirteen cases of possible FBI misconduct in intelligence investigations.
* October 2005: EPIC and Patient Privacy Rights launched a joint campaign to strengthen protections for patients' medical information.
* October 2005: EPIC filed an amicus brief in a federal case that raised the question of whether the police may coerce a person to provide a DNA sample. EPIC's brief, which provided detailed information on the many problems with DNA dragnets, argued that very clear guidelines must be established before the police may engage in this practice.
* October 2005: EPIC led a campaign of more than 100 organizations that urged Secretary of Defense Donald Rumsfeld to end the "Joint Advertising and Market Research Studies" Recruiting Database.
* August 2005: EPIC petitioned [http://epic.org/privacy/iei/cpnipet.html] the Federal Communications Commission to initiate a rulemaking to enhance security safeguards for individuals' calling records. The petition follows a complaint [http://epic.org/privacy/iei/ftccomplaint.html] concerning the illegal sale of personal information obtained from telephone carriers, and an updated filing [http://epic.org/privacy/iei/ftcupdate.html] where EPIC identified 40 websites that openly offer to obtain calling records without the knowledge and consent of the account holder.
* August 2005: EPIC and a coalition of open government organizations filed an amicus brief [http://epic.org/open_gov/nsl/secrecy_amicus.pdf] in Gonzales v. Doe, a lawsuit concerning the FBI's authority to issue national security letters without judicial approval and under a permanent gag order that bans the recipient from telling anyone about the demand.
* July 2005: EPIC testified before the House Commerce Subcommittee on Consumer Protection. EPIC urged Congress to pass strong data security legislation that includes privacy protections for use of personal information.
* July 2005: EPIC testified before the Senate Foreign Relations Committee in opposition to the ratification of the Council of Europe Convention on Cybercrime. EPIC urged the Senate to oppose ratification because of the convention's sweeping expansion of law enforcement authority, the lack of legal safeguards, and the impact on U.S. Constitutional rights.
* May 2005: EPIC testified before the House Judiciary Committee on one of several proposals before Congress to impose new employment verification requirements on those wishing to work within the U.S. The legislation would require all workers to obtain a Social Security Number card that would be machine-readable, and would also empower the Department of Homeland Security to determine employment eligibility of those seeking employment. EPIC opposed the creation of this new employment verification system.
* April 2005: EPIC filed a complaint [http://www.epic.org/privacy/terrorism/usapatriot/sunset_complaint.pdf] asking a federal court to force the FBI to disclose information about its use of expanded investigative authority granted by sunsetting provisions of the USA PATRIOT Act. The agency had agreed [http://www.epic.org/privacy/terrorism/usapatriot/sunset_reply.pdf] to quickly process EPIC's Freedom of Information Act request [http://www.epic.org/privacy/terrorism/usapatriot/sunset_request.pdf] for the data, but had not complied with the timeline for even a standard FOIA request.
* March 2005: EPIC urged lawmakers to regulate Choicepoint and other data brokers in testimony before the House Commerce Subcommittee on Consumer Protection. EPIC testified that there is too much secrecy and too little accountability in the business dealings of data brokers, and that Choicepoint's selling of customer information to identity thieves underscored the need for federal regulation of the information broker industry.
* January 2005: EPIC learned through Freedom of Information Act litigation that the FBI had obtained 257.5 million Passenger Name Records following 9/11, and that the Bureau has permanently incorporated the travel details of tens of millions of innocent people into its law enforcement databases.

References

External links

* [http://epic.org/ Official website]