By Catherine Crump, Staff Attorney, ACLU Speech, Privacy and Technology Project at 5:02pm
Senator Charles Grassley got it right: officials at the Food and Drug Administration “have absolutely no business reading the private e-mails of their employees.”
On Sunday, the New York Times ran a lengthy story detailing how the FDA monitored the communications of its own scientists, including communications with members of Congress, lawyers and journalists. Those scientists had blown the whistle on what they believed were flawed internal procedures that led to the approval of unsafe medical imaging devices. The FDA engaged in a massive email monitoring campaign to read their communications—including their private, personal emails. The emails that the FDA collected included those of a former member of Senator Grassley’s staff, presumably because he had exchanged messages with one or more of the targeted FDA officials.
By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 1:09pm
In a post yesterday I discussed the belief that as long as our behavior and communications are only scrutinized by a computer, our privacy has not been invaded. Many people have that sense because computers are so much dumber than human beings.
By Sandra Fulton, ACLU Washington Legislative Office at 3:51pm
While the Internet community came out in force to protest the free speech and privacy threats posed by the PROTECT IP Act (PIPA) and the Stop Online Piracy Act (SOPA), an international trade agreement with the same stated goals—and potentially greater threats—was being negotiated behind closed doors. While the First Amendment can be served by intellectual property protections that incentivize content creation, IP laws can easily be misused. Like PIPA and SOPA, the Anti-Counterfeiting Trade Agreement (“ACTA”) is another misguided and overbroad attempt to crack down on counterfeiting and piracy over the Internet. There has been excellent analysis of the issue by sources including EFF, Tech Dirt and Ars Technica, but we have also been watching this issue and wanted to summarize what’s at stake.
By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 12:15pm
(Updated below)
LA Weekly has published an investigative report on the use of License Plate Scanners in Southern California. In addition to reporting that the rapid embrace of the technology by local law enforcement has led to “one of the most densely concentrated license plate recognition systems in the United States,” the article includes this signficant piece of news:
Guest blogger Agatha M. Cole is a J.D. candidate, Cardozo Law School, Class of 2013
The ongoing controversy surrounding domain name seizures under "Operation In Our Sites" seems to be reaching new heights. DHS launched Operation In Our Sites in 2010 to combat online piracy and the proliferation of counterfeit goods on the Internet. Since then, Immigration and Customs Enforcement (ICE) has shut down over 758 websites allegedly involved in the sale or distribution of counterfeit goods or illegal copyrighted works.
By Corinne Carey, Assistant Legislative Director, New York Civil Liberties Union at 1:46pm
I just returned from the 2nd International Summit on the Future of Health Privacy in Washington, D.C. where the title of this year’s Summit was: “Is there an American Health Privacy Crisis?” The Summit brought together privacy experts, public health officials, lawyers, technology developers, and academics to discuss the importance of privacy protection (as I wrote about last week) as the federal government moves to establish the Nationwide Health Information Network (NwHIN). Security breaches and patient consent were two major themes at the Summit—two issues which I believe are inextricably linked.
By Corinne Carey, Assistant Legislative Director, New York Civil Liberties Union at 8:30am
During the Super Bowl two years ago, a commercial aired featuring a doctor questioning his patient, a man in boxer shorts sitting on an exam table, about whether he’d been tested for cortical spreading depression. The patient begins to say he doesn’t remember, and suddenly flood lights go up. The patient is surrounded by doctors in white coats sitting in a theatre round. One by one, the doctors stand up and recite entries from the patient’s medical records. When they finish, the mortified patient looks at his doctor and says, “Um, can I put my pants back on, please?” The commercial was for GE’s electronic health records system, and I remember thinking: “Was this an ad FOR electronic health records, or AGAINST them?”
By Linda Lye, Staff Attorney, ACLU of Northern California at 5:09pm
Today, a federal district judge in Arizona issued a very disappointing decision concerning the government’s obligations to be candid with courts about new technologies they are seeking a warrant to use.
The case involves Daniel Rigmaiden, who is being criminally prosecuted for an alleged electronic tax fraud scheme. The government used a surveillance device known as a stingray to locate Mr. Rigmaiden. A stingray operates by simulating a cell tower and tricking all wireless devices on the same network in the immediate vicinity to communicate with it, as though it were the carrier’s cell tower. In order to locate a suspect, a stingray scoops up information not only of the suspect, but all third parties on the same network in the area. This means that when the government uses a stingray to conduct a search, it is searching not only the suspect, but also tens or hundreds of third parties who have nothing to do with the matter. When the FBI sought court permission to use the device to locate Mr. Rigmaiden, it didn’t explain the full reach of stingrays to the court.
The ACLU and the Electronic Frontier Foundation filed an amicus brief arguing that when the government wants to use
By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 4:43pm
One of the things in play in the current wrangling over immigration reform is whether we will see the E-Verify work authorization program expanded nationwide and made mandatory. We’ve just put out a white paper summarizing “The 10 big Problems With E-Verify.”
Overall, E-Verify represents a move toward the creation of a “Mother may I” or “permission society” in the United States. In an attempt to stop the tiny percentage of those starting jobs in the United States each year who are unauthorized workers, E-Verify would force everyone to obtain affirmative permission from government bureaucracies before engaging in the core life functions of working and earning a living. That not only inverts the relationship between the individual and government, but will lead to a number of other serious problems, which we set forth in the paper.
By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 5:56pm
We’ve been doing a fair amount of thinking about the implications of consumer wearable cameras like Google Glass, and I’m sure we’ll have more to say in this space on the subject. But meanwhile, we’re pleasantly surprised to report a very trenchant analysis of the technology’s implications for our privacy by none other than Michael Chertoff. Writing on CNN’s web page, the former DHS chief writes,
So, who owns and what happens to the user's [video] data? Can the entire database be mined and analyzed for commercial purposes? What rules will apply when law enforcement seeks access to the data for a criminal or national security investigation? For how long will the data be retained? ….
Even those who might be willing to forgo some degree of privacy to enhance national security should be concerned about a corporate America that will have an unrestricted continuous video record of millions.
What is to prevent a corporation from targeting a particular individual, using face recognition technology to assemble all uploaded videos in which he appears, and effectively constructing a surveillance record that can be used to analyze his life?
Chertoff says he’s inclined to think that government regulation may be needed. I haven’t seen Chertoff say anything about the threat of pervasive government surveillance, which would make him a kind of anti-libertarian on privacy—in favor of restricting corporations, but not the government. For the average, relatively powerless person trying to live their life, the threat comes from both directions.
