Updated Location Privacy Protection Act Introduced

 
On March 27, 2014, Senator Al Franken (D.-Minn.) introduced the Location Privacy Protection Act of 2014, a bill that addresses so-called “stalking apps.” While Senator Franken’s intent is to target those apps designed to maliciously track individuals without their knowledge, the legislation (an updated version of a bill we discussed three years ago) would require all companies to get users’ permission before collecting and sharing location data from smartphones, tablets, and in-car navigation devices. To obtain consent, entities subject to the law (if passed) would have to provide “clear, prominent, and accurate notice” that tells the user that his or her geolocation information will be collected. The notice must also identify the categories of entities to which the geolocation information may be disclosed, and provide a link or some other easy means for users to access publicly available information about the geolocation data to be collected. The bill includes several exceptions to the consent requirement, allowing the collection or use of geolocation data without the requisite notice and consent for purposes such as allowing parents to locate children, and enabling the provision of emergency services.
 
Continue Reading...

The Twelve Days of Surveillance

By Lance Koonce

It seems like a new revelation about mass surveillance by the U.S. government and our allies occurs on an almost daily basis, each one more astounding than the last.  Don’t be surprised if those jingling bells you hear on your roof next week are not St. Nick, but instead someone installing a covert listening device on your fiberoptic phone line.

So, just in time for holidays, here’s a musical summary of some of the most stunning surveillance disclosures, with citations to background material on each.  Break out the eggnog and join us as we count down the Twelve Days of Surveillance.

Continue Reading...

Reports note that US ranks near the bottom for privacy protection, on par with Russia, China, and Malaysia -- and also is flunking on press freedoms

Posted by Bruce E.H. Johnson

Privacy International has issued its annual Privacy and Human Rights Study analyzing privacy protections around the world. The study ranks the United States near the bottom for privacy protections, calling it an "extensive surveillance society." 

In failing to provide privacy rights, the U.S. is in very interesting company, as one news account noted:

Privacy International ranked 36 nations around the globe, including all European Union nations and other major democracies, and determined that in categories such as enforcement of privacy laws, the U.S. is on par with countries like China, Russia and Malaysia.

Continue Reading...

Sen. Specter's FISA Bill Should Be Defeated

Posted by Randy Gainer

Senate Bill S. 2453, which the Judiciary Committee passed 10-8 on a party-line vote on September 14th, would allow the President to ignore the restrictions on domestic surveillance passed by Congress in 1978. As the lawyers at Steptoe and Johnson described in their E-Commerce Law Week report : "S. 2453 would significantly . . . dramatically increase the Executive Branch's authority to engage in surveillance without any court order at all. . . . [A]lthough the bill purports simply to acknowledge the President's constitutional authority to engage in warrantless surveillance, without affecting that authority, the bill would actually alter the legal terrain significantly and make it more likely that courts would uphold the constitutionality of the NSA's warrantless wiretapping program. This means the government could demand that communications providers assist with wiretaps even where there is no court order and no statutory authorization at all."

Continue Reading...

Senator Specter Promotes FISA Fallback Plan for the Bush Administration

Posted by Randy Gainer

The Foreign Intelligence Surveillance Act, 50 U.S.C. §§ 1801-1811, currently makes FISA court orders and judicial warrants issued in criminal proceedings the exclusive means by which the President and other executive branch officials may lawfully intercept telephone calls and emails sent or received by people in the United States.  Section 109 of FISA, codified at 50 U.S.C. §1809(a), states in pertinent part:  “A person is guilty of an offense if he intentionally – (1) engages in electronic surveillance under color of law except as authorized by statute . . . .”  In other words, with certain exceptions, “electronic surveillance of a foreign power or its agents may not be conducted unless the FISA Court authorizes it advance.”  ACLU Foundation of S. Cal. v. Barr, 952 F.2d 457, 461 (D.C. Cir. 1991).  

Continue Reading...

Coming Soon to an ISP Near You: Data Retention

Posted by K.M. Das

A few weeks ago, we discussed Attorney General Gonzales's speech to the staff of the National Center for Missing and Exploited Children that the United States might soon implement data retention rules for ISPs. CNet's News.com reported on Tuesday that Wisconsin Representative F. James Sensenbrenner, chairman of the House Judiciary Committee, will soon be announcing legislationて羡he Internet Safety Actて羡hat would require the Attorney General to "issue regulations governing the retention of records by Internet Service Providers. Such regulations shall, at a minimum, require retention of records, such as the name and address of the subscriber or registered user (and what) user identification or telephone number was assigned" to the subscriber or user.

Continue Reading...

Senator Specter Fails to Cut Off Funding for Warrantless Surveillance

Posted by Randy Gainer

Senator Arlen Specter attempted to attach an amendment to the Senate version of the Supplemental Appropriations bill that was passed by the Senate on May 4, 2006. The amendment would have prevented government agencies from using any funds "appropriated by this or any other Act" to carry out the NSA program acknowledge by President Bush on December 17, 2005, or to carry out any related programs unless the administration briefed the House and Senate Intelligence Committees about the programs. The proposed amendment, SA 3679, was rejected by the Senate.

Continue Reading...

Judge's Decision on DOJ's Google Subpoena Imminent

Posted by Thomas R. Burke

Still no final word from the court on yesterday's showdown between Google and the Justice Department -- although an order will likely come out this week -- but U.S. District Judge James Ware appears to appreciate the concern that the federal government's subpoena request smacks of surveillance. Delcan McCullagh's account of the contested hearing notes that the judge, based in San Jose, is reluctant to give "everything it wanted because of the 'perception by the public that this is subject to government scrutiny' when they type search terms into Google.com." Discovery battles are notoriously resolved by "splitting the baby" -- both sides are sent home with something, but far less than they wanted. This however, is not your typical discovery battle. It will be interesting to watch if Google will appeal Ware's decision. Ironically, Google's decision to continue this battle in the Ninth Circuit Court of Appeals will largely depend too on whether the company is comfortable with the public's perception of what search information -- from now on -- will be accessible by the federal government.

Senate Intelligence Committee Votes Against NSA Probe

Posted by Randy Gainer

The Senate Intelligence Committee voted today not to investigate the NSA domestic spying program. The Republican majority on the Committee instead is backing a bill that would retroactively authorize the NSA to conduct the types of domestic electronic surveillance the NSA has been conducting since at least 2001. The bill, termed the Terrorist Surveillance Act of 2006, would reportedly permit the NSA to conduct surveillance without a warrant for 45 before justifying the wiretapping to any court. The Senate Committee's refusal to investigate the Bush Administration's decision to ignore the Foreign Intelligence Surveillance Act ("FISA") means that it is up to the courts to enforce FISA and constitutional principles, such as separation of powers principles, and First and Fourth Amendment rights.

Return Receipt Not Requested

Posted by Lance Koonce

Recently a friend sent me an email message that contained, in the footer, a message stating that the email had been sent via "MSGTAG". Curious, I visited the website for this product, and learned that MSGTAG is an email "read receipt" program. The difference between this program and the read receipt function in MS Outlook and other widely-used email software is that the recipient does not receive a pop-up window asking whether he or she wants to send a read receipt - MSGTAG automatically does that. Further, if you upgrade to a pay version of the software, you can eliminate the footer message altogether. Then you can track all of your emails, and whether and when the recipients opened them, without the recipient knowing that his or her activity is being tracked.

Continue Reading...

The Cat Stevens Effect

Posted by Bruce Johnson

Bureaucracy at its craziest.

Fascinating article (subscription req'd) in yesterday's New York Times about the do-not-fly list.

Continue Reading...

Chief FISA Court Judges, DoJ Officials Questioned Legality of NSA Program

Posted by Randy Gainer

A Washington Post article on February 9, 2006 revealed that the Chief Judge of the Foreign Intelligence Surveillance Court directed the Department of Justice in 2004 not to present applications for FISA orders to the FISA Court (FISC) that were based on information gathered through the NSA's domestic surveillance program. The previous Chief Judge of the FISC, Royce C. Lamberth, reportedly issued a similar directive to the DoJ as well. Judge Lamberth and Judge Kollar-Kotelly were the only members of the FISC that had been told about the NSA program. The directives of the two FISC Chief Judges "reveals the depth of their doubts about its legality and their behind-the-scenes efforts to protect the court from what they considered potentially tainted evidence," the Post says.

Continue Reading...

Can Your Cell Phone Do This?

Posted by Steve Chung
Add to the list of amazing capabilities that cell phones can perform, employee tracking. In the name of operational efficiency for businesses, British technology firms are offering tracking services that take advantage of mobile phone tracking technology. To put at ease civil rights groups' concerns that this technology raises substantial privacy concerns, technologists list advantages such as knowing when an employee is stuck in a traffic jam or quickly locating and rerouting staff, for example, in the sales or freight industry.

Continue Reading...

TSA and FBI Settle "No Fly" List FOIA Lawsuit

Posted by Thomas R. Burke

The Transportation Security Administration and the FBI have agreed to pay $200,000 in attorneys' fees to the ACLU to settle a Freedom of Information Act and Privacy Act lawsuit filed in 2003 seeking information about the government's "no fly" list to screen airline passengers. ACLU press release here; additional news coverage here. U.S. District Judge Charles Breyer of the Northern District of California in San Francisco approved the settlement Tuesday afternoon (1/24/06).

Continue Reading...

EPIC Files FOIA Lawsuit Against the DOJ

Posted by K.M. Das

On January 19, 2006, the Electronic Privacy Information Center ("EPIC") filed a Freedom of Information Act ("FOIA") lawsuit against the Department of Justice ("DOJ") to attempt to expedite the DOJ's production of documents relating to the National Security Agency's domestic surveillance program.

Continue Reading...

DoJ Claims President Has Exclusive Power to Authorize NSA Domestic Surveillance During War Against al Qaeda

Posted by Randy Gainer

The Department of Justice published a 42-page memorandum on January 19, 2005 that defends the National Security Agency's domestic surveillance program. The DoJ memo responds to arguments raised by the Congressional Research Service in its January 5, 2006 report and by 14 law professors and former government officials in their January 9, 2006 letter to Congress. The DoJ memo elaborates on many of the same points it made in a December 22, 2005, letter to Congress but goes further by claiming that "acute constitutional crises" will result if the resolution authorizing the use of force against al Qaeda (the "AUMF") is not interpreted as having given the President authority to direct the NSA to conduct the domestic surveillance program. January 19 DoJ memo at 35.

Continue Reading...

Congressional Research Service Analysis Calls Into Question Legal Justification Behind NSA Monitoring of Communications

Posted by K.M. Das

On Thursday, January 5, 2006, the Congressional Research Service released a 44-page memorandum casting further doubt on the legality of the National Security Agency's monitoring of international communications of American citizens and residents. CRS, housed within the Library of Congress, is the "public policy research arm of the United States Congress." CRS is intended to give Congress "its own source of nonpartisan, objective analysis and research on all legislative issues."

Continue Reading...

"30,000 People on the Government's "No Fly" List Can't Be Right"

Posted by Thomas R. Burke

If 30,000 airline passengers since last November have taken the time to complain about being mistakenly being tagged as a "terrorist" -- literally tens of thousands of others must have also been mistakenly labeled. The TSA admitted this week that some 30,000 passengers have complained because their names have mistakenly been matched with names on federal watch lists, including the government's infamous "no fly" list.

Continue Reading...

The Evolution of Ex-Bush Cabinet Member Put on Hold

Posted by Steve Chung

If your puppy is missing, the microchip your vet implanted may save Spot from the fate of unwanted pets everywhere. But if it's a former Bush cabinet member that winds up at the pound....

President Bush's former Secretary of Health and Human Services, Tommy Thompson, publicly advocated that all U.S. citizens should receive RFID implants, a glass-encapsulated chip that is injected into human flesh for the purpose of instant retrieval of information about a person's identity, medical history and other important data. "It's very beneficial and it's going to be extremely helpful and it's a giant step forward to getting what we call an electronic medical record for all Americans," he told CBS MarketWatch in July. Hoping to inspire potential recipients to dream about the implants' countless benefits, Thomspon speculated that the chips "will prevent babies from being picked up by the wrong people in a maternity ward and make sure people in nursing homes don't walk away."

Continue Reading...

CDC Proposes Significant Changes to Its Ability to Track and Quarantine Passengers

Posted by K.M. Das

The Center for Disease Control ("CDC") is expected to post the first round of comments in response to its Notice of Proposed Rule Making ("NPRM") relating to the Control of Communicable Diseases on Tuesday, December 6, 2005. "The intent of the proposed updates to 42 CFR Parts 70 and 71 is to clarify and strengthen existing procedures to enable CDC to respond more effectively to current and potential communicable disease threats." (see here).

Continue Reading...

A Creeping Spread of Location Technology

Posted by Brian Bennett
A government proposal to use Global Positioning System ("GPS") transmitters to track New York City taxis has led to taxi driver demonstrations. Businesses are increasingly using location technology to track the movement of employee vehicles, raising employee and union concerns about businesses tracking employee movements. Some privacy advocates warn that the use of GPS technology could create more problems than benefits for businesses, leading to potential liability when plaintiffs' attorneys can prove a taxi or delivery van was speeding.

UK Police Endeavor to Create the Largest Surveillance System in the World

Posted by Steve Chung

The UK newspaper, The Register, reports that the UK's Association of Chief Police Officers (ACPO) plan to create a national vehicle moving database that is designed to retain license plate data captured from moving vehicles. A control center in London will link existing speedcams and other databases around the country, and by the end of the year, APCO expects the control center to process up to 50 million number plates, which would make it one of the most pervasive surveillance systems in the world. APCO's roads policing head, Meredydd Hughes, has revealed that Automatic Number Plate Recognition systems will be placed along roads every 400 yards, and will be used to enforce speed limits and then later to address more serious crimes. While the system will undoubtedly become a powerful tool for police officers, privacy concerns will inevitably arise, especially as the technology advances and license plate data is linked with faces and images of vehicle interiors.

"No Fly" List Revelations

Posted by DWT

The Privacy and Security Law Blog is today able to release, for the first time anywhere, the final set of previously secret documents produced by the Transportation Security Administration ("TSA") and the FBI in connection with a high profile Freedom of Information Act ("FOIA") lawsuit involving the government "no fly" list. The documents include the names of TSA employees involved in the administration of the list:

TSA Documents, pages 1-12.
TSA Documents, pages 12-24.
FBI Documents, pages 1-6.

Continue Reading...

The Two (Cell) Towers Revisited

Posted by K.M. Das

In the largest such project in the world, the Missouri Department of Transportation ("MODOT") is in talks with Delcan.NET to implement a statewide traffic monitoring system based on tracking cell phones. The basic idea behind the project is that by tracking specific cell phones as their signal moves from cell tower to cell tower, and overlaying that with highway maps, it will be possible to track how fast or slow traffic is moving. Delcan.NET is already providing this service in Baltimore, on a trial basis, by tracking a 1,000 Cingular users. Delcan.NET and MODOT are expected to finalize the contract within a few weeks and the project is expected to be implemented within six months of that.

Continue Reading...

The Register's "Spot the Black Helicopter" Contest Using Google Earth

Posted by Lance Koonce

An amusing competition with some startling results. The Register asked readers to submit image captures from Google Earth revealing potentially sensitive military installations and the like. Here's a sample:

Google400.jpg

Those are SR-71 "stealth" Blackbirds in the above photo. There a pages and pages of similar photos on the competition results page. A good example of David Brin's "Omni-Surveilled" future (or present, rather)...

David Brin on Our Omni-Surveilled Future

A fascinating article (site pass req'd) about the possible evolution of the surveillance culture in the August edition of Salon, by science fiction writer and scientist David Brin. In it, Brin anticipates flocks of miniature flying cameras providing video feeds from remote locations, wearable augmented reality devices providing real-time information to users about their environment, subvocal speech systems (a precursor to "tech-mediated telepathy"), and ubiquitous geographic location awareness (for people and devices).

Continue Reading...

MTA Approves Security Cameras for L.A. Subway and Light-Rail

The Los Angeles Times reports that the Los Angeles County Metropolitan Transportation Authority ("MTA") has approved almost $7 million to install state-of-the-art digital cameras on Los Angeles' subway and light-rail trains.

Continue Reading...

Canadian Law Would Allow Email Interception Without Court Order

Canada's federal cabinet will review legislation that would allow police and security agencies to intercept emails, text messages and possibly even financial transaction information found in websites that are protected by secure passwords.

Continue Reading...

Random Searches in NY Subways Raise Controversy and Constitutional Issues

What do you get when you put together New York subway riders, random searches, the Fourth Amendment to the U.S. Constitution, and a "War on Terror"? Why, a lawsuit of course. Just last week, the New York chapter of the ACLU filed suit in U.S. District Court in Manhattan on behalf of five New York subway riders to contest the policy in New York City, since July 21, to have police conduct random searches of riders' bags and packages. The plaintiffs claim such searches violate their right to be free from unwarranted searches and seizures under the Fourth Amendment. A link to the story can be found here.

Continue Reading...

FCC Rules that Broadband and VoIP Providers Must Accommodate Wiretaps

The FCC has issued a press release announcing that it will now require certain providers of broadband and Voice-over-Internet Protocol (VoIP) to build backdoor into their networks to accommodate law enforcement wiretaps.

Continue Reading...

RFID, Data Mining and Surveillance Ubiquity

Despite the claims of RFID tag makers that RFID tags are benign and unlikely to be used to create a surveillance society, three new developments suggest that RFID tags and data mining continue on their way to becoming both ubiquitous and used for general surveillance of customers, visitors, and citizens going about their daily lives. In a bid to help prevent kidnapping of children (and teen-agers from sneaking out of the house?), the Target chain of retail stores announced that it is purchasing pajamas from Lauren Scott of California that have RFID tags sewn into the hems. Readers positioned at various points through the house will set off an alarm if the pajamas pass the boundaries.

Continue Reading...