ELECTRONIC PRIVACY INFORMATION CENTER
1718 Connecticut Avenue NW
Suite 200
Washington DC 20009 USA
T: +1-202-483-1140
F: +1-202-483-1248
epic.org
The Electronic Privacy
Information Center
EPIC Annual Report 2007–2008
M I S S I O N & P R O G R A M S
THE ELECTRONIC PRIVACY INFORMATION CENTER is a public interest
research center in Washington, D.C. EPIC was established in 1994 to focus
public attention on emerging civil liberties issues and to protect privacy,
freedom of expression and constitutional values in the information age.
EPIC pursues a wide range of activities, including policy research, public
education,conferences, litigation, publications, and advocacy.
EPIC is incorporated in Washington, D.C. and tax-exempt under IRS section
501(c)(3). EPIC receives support from individual contributors, private
foundations, the sale of publications, and legal awards. Contributions to
EPIC are tax-deductible.
EPIC maintains two of the world’s most popular privacy sites—epic.org—
and privacy.org—and publishes the online EPIC Alert every two weeks with
information about emerging civil liberties issues. EPIC also publishes Privacy
and Human Rights, Litigation Under the Federal Open Government Laws,
Filters and Freedom, the Privacy Law Sourcebook, and The Consumer Law
Sourcebook. EPIC litigates high-profile privacy, First Amendment, and
Freedom of Information Act cases. EPIC advocates in the public interest
for strong privacy safeguards.
EPIC works in support of several NGO coalitions, including Privacy International
(privacyinternational.org), the Internet Free Expression Alliance (ifea.net),
the Global Internet Liberty Campaign (gilc.org), the Internet Democracy Project
(internetdemocracy.org), and the Trans Atlantic Consumer Dialogue (tacd.org).
EPIC maintains the Privacy Site (privacy.org) and coordinates the Public Voice
coalition (thepublicvoice.org), the Privacy Coalition (privacycoalition.org),
the In Defense of Freedom coalition (indefenseoffreedom.org), and the
National Committee on Voting Integrity (votingintegrity.org). In early 2008,
EPIC launched Privacy ’08 (privacy08.org).
b 1 b
1
Mission & Programs
2
Privacy ’08: A Time for Debate
4
Epic Program
7
Epic Publications
9
Epic in Congress
12
Epic Litigation
16
Epic Advocacy
19
Internet Public Interest
21
Epic Affiliated Sites
23
Epic Supporters
24
Epic Finances
26
Epic Board & Staff
28
Support Epic
b 3 b
b 2 b
PRIVAC Y ’08: A TIME FOR DEBATE
It is time for the Presidential candidates and the country to begin a real discussion
about the future of privacy in America. This is an important issue for many Americans.
According to the Federal Trade Commission, identity theft is the #1 concern of
American consumers. It is also a non-partisan issue. Leaders in both parties have
championed this cause. Privacy is also a universal issue. In the globalized, networked
world, individuals around the world confront questions about personal privacy every
day. This is true both on social network sites and at military checkpoints in Iraq.
There is real urgency to begin a debate. The country is building new systems of surveil-
lance and identification. Since 9/11, congress has given the President new powers. Many
experts believe we are constructing a national surveillance state. What are the views of
the candidates? Would they continue on the current course? Is there a better approach?
The protection of privacy is much like the protection of the environment. It is an
ongoing challenge without a simple solution. Just like the industrial economy had
a great impact on the environment, the information economy will have an enormous
impact on personal privacy. It is not a problem that is simply solved by giving consumers
choice and relying on the marketplace. It will require a deep understanding of the
challenges we face and the policy options we might pursue. The longer we delay the
debate, the more difficult the challenges will become.
We need to begin a national debate on this topic now. We need to discuss both the
specific bills that are pending in Congress and what our world will look like in ten or
twenty years.
 What can Congress do to ensure meaningful oversight of truly necessary surveillance?
 How can we slow the increase in identity theft and security breaches?
 How can we limit the use of personal identifiers, such as Social Security Numbers,
that create so many privacy risks?
Those are the legislative questions that will appear on the Congressional scorecards.
Several bills on these topics will be introduced in the next Congress. There are also the
long-term questions:
 How do we promote innovation and competition in the information economy and still
protect privacy? How do we build in privacy protections that are easy to use and do
not require complex settings or elaborate policies?
 Do we need to draw some bright lines? For example, should we ever permit the
“chipping” of the elderly, prisoners, immigrants, or children?
 Will our systems of identification enable mobility and freedom or will they create a
new digital caste system? Should there be limits on the use of identification and some
space for anonymity?
 How do we rein in the “Homeland Security–Surveillance Industry” complex? There is
very little discussion of the new systems of surveillance that are being constructed
for the US government by US firms to spy on US citizens.
 Who will watch the watchers? How do we establish meaningful oversight with govern-
ment agencies that exercise extraordinary control in great secrecy?
 And how much surveillance should a democratic society accept? At what point does
a Constitutional democracy become a police state and how would we know when this
has occurred?
The questions are not easily answered. Many thoughtful, well informed people will reach
different conclusions. But there should be no real doubt about the need to begin this
discussion.
We launched the Privacy ’08 campaign to promote this discussion in the 2008 Presidential
Election. EPIC printed buttons and bumper stickers, created a Facebook Cause and set
up the domain PRIVACY08. We met with representatives of the Candidates and hosted
the Libertarian Candidate for President at the National Press Club in Washington, DC.
This campaign will continue beyond the election and into the next administration. We
want you to be a part of this discussion. We want you to join our Cause on Facebook.
We want you to encourage your Friends to participate. And we want to hear the ideas
of the political leaders who are taking us forward into the Twenty-First century. Do they
understand these issues? What do they propose to do?
Privacy 08 is the candidate. Friend our Cause.
Marc Rotenberg
EPIC Executive Director
b 5 b
b 4 b
Privacy
EPIC works “not in the heat of the moment or only
in partisan arenas, but deliberately, neutrally, and
thoughtfully,” and “EPIC’s efforts in [cyberspace law]
have served us all well.” –AMERICAN BAR ASSOCIATION
National identification systems. Passenger profiling. Data
mining. Internet privacy. RFID identity cards. Pretexting.
Biometric identifiers. Electronic voting. Surveillance cameras.
Fusion centers. EPIC is a leader in examining emerging
issues and offering solutions to protect personal information
from misuse. Congressional committees and government
agencies frequently call EPIC when seeking to identify privacy
risks and develop new approaches for privacy protection.
EPIC led efforts to oppose the creation of a national
ID, increased demands for voter photo ID requirements, and the lack of transparency on
the creation of local and state fusion centers. In 2007, EPIC’s civil liberties and consumer
protection work included leading the “Stop the REAL ID” campaign, and advocating for
consumer privacy protection as a condition of the merger of Google and Double-Click.
With the world’s most comprehensive archive of privacy resources, EPIC’s award-
winning web site demonstrates the educational potential of the Internet. With many
of the top-ranked web pages on key privacy topics, the EPIC site informs the ongoing
debate about the future of privacy.
Electronic Voting
“Election officials say their electronic voting systems are the very best. But
the truth is, gamblers are getting the best technology, and voters are being
given systems that are cheap and untrustworthy by comparison.”
–NEW YORK TIMES EDITORIAL
"I want to express my
gratitude to all the
individuals who help
keep democracy and
our constitutional rights
protected. Without
organizations such as
EPIC, we would be
in a dismal state of
affairs." -J.K.
E P I C P R O G R A M S
Free Speech
“A great resource on civil liberties and First Amendment issues.”
–WIRED MAGAZINE
“The most participatory form of mass speech yet developed.” That’s how Judge Stewart
Dalzell described the Internet in the landmark court decision striking down online cen-
sorship. As a leading publisher of policy materials on the Internet, EPIC joined with other
civil liberties and computer industry organizations and served as both co-counsel and
co-plaintiff in that historic litigation. EPIC has continued to play a leading role in defense
of free expression, including the right to receive and distribute information anonymously.
In 2006–2007, EPIC’s work to protect free speech began with an article about the
NSA’s illegal domestic spying program in the January 2006 edition of the online series
“Spotlight on Surveillance.”
Open Government
“EPIC keeps tabs on those who are keeping close tabs on us, and on
important legal issues.” –SAN DIEGO UNION-TRIBUNE
EPIC’s award-winning work applies Freedom of Information Act rules to make govern-
ment records concerning domestic surveillance, data mining, government profiling, and
networking available to the public.
“ In 2006–2007, EPIC published the twenty-third edition of “Litigation Under the Federal
Open Government Laws” and pursued a range of Freedom of Information Act cases,
including an ongoing case against the Department of Justice for the legal opinion,
issued by the Office of Legal Counsel, to justify the President’s warrantless wiretapping
program.”
b
b
E P I C P U B L I C A T I O N S
EPIC’s FOIA Manual “[d]eserves a place in the library of everyone
who is involved in, or thinking about, litigation under the Freedom
of Information Act.” –STEVE AFTERGOOD, FEDERATION OF AMERICAN
SCIENTISTS
EPIC’s Privacy Sourcebook is a “handy compilation of privacy
law instruments and a ‘’must’’ for anyone seeking guidance about
the location and content of the key statutes, treaties, and recent
developments.” –AMERICAN SOCIETY OF INTERNATIONAL LAW
The Privacy Law Sourcebook is also “[t]he ‘Physician’s Desk
Reference’ of the privacy world.” –EVAN HENDRICKS, PRIVACY TIMES
EPIC produces several publications each year that are popular among
policymakers, scholars, and advocates both in the United States and
around the world. EPIC publications are available for sale at the EPIC
Online Bookstore (bookstore.epic.org), Amazon Books, and also from the
EPIC Bookshelf at Powell’s Books (powells.com/features/epic/epic.html ).
Contact EPIC about discounts for multiple copies to educational institutions.
The Privacy Law Sourcebook: United States Law, International Law,
and Recent Developments
Updated annually, the Privacy Law Sourcebook is an invaluable resource for students,
attorneys, researchers and journalists who need a comprehensive collection of U.S. and
international privacy law, as well as a full listing of privacy resources.
Litigation Under the Federal Open Government Laws
The fully updated edition of the manual that lawyers, journalists and researchers have
relied on for more than 25 years, this standard reference work covers all aspects of the
Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and
the Federal Advisory Committee Act.
b 7 b
The increased use of technology that facilitates the right of citizens to be informed and
participate in public elections may threaten privacy. The use of technology in online and
offline voting is growing in popularity around the world, while the science that would
verify the efficacy, accuracy, and integrity of voter information resources as well as voting
systems lacks vital support. EPIC’s efforts in election reform focus on transparency,
privacy, and security of voting systems and processes.
The Public Voice
“There is an increasing recognition that we must involve all stakeholders
including the voice of civil society. The Public Voice meeting and its
contribution to the Forum have been constructive and positive.”
–OECD UNDER-SECRETARY GENERAL
The rise of the Internet and increasingly global markets have created new challenges
for democratic governance. International organizations now make many decisions once
made by national and local governments. The concerns of citizens are too often not
represented when government officials and business representatives gather.
The Public Voice Project, in cooperation with the OECD, UNESCO, and other international
organizations, works to bring civil society leaders face to face with government officials
for constructive engagement about policy issues. Public Voice events have been held in
Buenos Aires, Dubai, Hong Kong, Honolulu, Ottawa, Paris, Washington, and Wroclaw.
In 2006–2007, the Public Voice continued to promote public participation in decisions
concerning the future of the Internet through participation in workshops, on its web site,
and in monthly conference calls.
“No one shall be subjected to arbitrary interference with his privacy, family, home or
correspondence, nor to attacks upon his honor or reputation. Everyone has the right
to the protection of law against such interference or attack.”
– ARTICLE 12, UNIVERSAL DECLARATION OF HUMAN RIGHTS
“Everyone has the right to freedom of opinion and expression; this right includes
freedom to hold opinions without interference and to seek, receive, and impart ideas
through any media and regardless of frontiers.”
– ARTICLE 19, UNIVERSAL DECLARATION OF HUMAN RIGHTS
b 6 b
E P I C
I N C O N G R E S S
“When Big Brother keeps tabs on the people, it is nice to know there are
some people keeping tabs on Big Brother.” –NEW YORK LAW JOURNAL
In 2006–2007, EPIC appeared before several Congressional committees
to provide expert testimony on critical privacy and civil liberties issues.
EPIC also worked in coalitions with other organizations to draw attention
to emerging challenges, such as NSA domestic surveillance, phone record
privacy, Medical Privacy, e-tax records, municipal broadband, Internet
media consolidation, and passenger profiling.
b 9 b
b 8 b
Privacy & Human Rights: An International Survey of Privacy Laws and Developments
This annual survey, by EPIC and Privacy International, reviews the state of privacy in
over 70 countries around the world. The survey examines a wide range of privacy issues
including data protection, telephone tapping, genetic databases, e-voting, RFID, ID
systems and freedom of information laws.
Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls
Often characterized by their proponents as mere features or tools, filtering and rating
systems can also be viewed as fundamental architectural changes that may, in fact,
facilitate the suppression of speech far more effectively than national laws alone ever
could. This collection of essays, studies, and critiques of Internet content filtering should
be carefully considered if we are to preserve freedom of expression in the online world.
Solove, Rotenberg & Schwartz, Information Privacy Law
(Aspen Publishers)—“A Masterful Synthesis of the Field.”
Solove, Rotenberg & Schwartz, Privacy, Information, and Technology
(Aspen Publishers)—“A comprehensive, in-depth treatment of all
important issues involving information privacy
Should Americans who are
pulled aside at airports for secondary
screening be told the specific reason
they are under suspicion?
b
b 11 b
Telephone Number Spoofing
In May 2006, EPIC testified before the Senate Commerce
Committee on telephone number spoofing. In June 2007,
EPIC testified before the House Energy and Commerce
Committee regarding its efforts to combat telephone
number spoofing. In telephone number spoofing a caller
causes a phone number other than their own to appear
on a caller ID or similar display. EPIC said that there
are legitimate and illegitimate spoofing activities, and
recommended that the law only prohibit spoofing when
done with the intent to commit fraud or to harass.
Employment Verification
In June 2007, EPIC testified before the House Committee
on Homeland Security on strengthening privacy safeguards
associated with a Department of Homeland Security
managed employment eligibility verification system. EPIC
recommended that existing agency database problems
should be corrected before a nationwide expansion is
considered.
b 10 b
SSN
In March 2006, EPIC testified before the House
Subcommittee on Social Security on abuse of the Social
Security number and the Social Security card. In June
2007, EPIC testified before the House Ways and Means
Committee on efforts to address the misuse of the
SSN. “Every system of identification is subject to error,
misuse, and exploitation,” EPIC warned. Some members
of Congress have proposed that the card contain digital
photos, machine-readable identifiers, and biometric
identifiers that could turn the Social Security card into
a national ID card.
WHOIS Data
In July 2006, EPIC testified before the House Committee
on Finance in support of new privacy protections for
WHOIS, the directory of Internet owners. Currently
anyone with Internet connection, including spammers,
phishers, and stalkers, can access information in the
WHOIS database.
"Finally, I read your annual report. Sincerely, thank you for all
the good work your organization does. We work in a place where
money talks and Congress is fixated on what,s good for business
and law enforcement - and yet somehow your views get aired and
considered."”- T. T.
Do you favor comprehensive
privacy legislation for the Internet?
Google-Doubleclick Merger Review (Federal Trade Commission)
In 2007, EPIC undertook an extensive campaign to urge the Federal Trade Commission
to consider the privacy interests of Internet users in the FTC’s consideration of the
proposed acquisition of Doubleclick by Google. In a series of petitions and complaints,
focusing on the growing risks to user privacy if detailed profiles were combined without
adequate privacy safeguards, EPIC made the case for a modern merger review that
incorporates the privacy interests of Internet users. Although the FTC approved the
merger without conditions, EPIC was invited to testify on the case before the United
States Senate Judiciary Committee and the European Parliament Committee on Civil
Liberties, Justice and Home Affairs. Both committees have expressed ongoing interest
in the impact of Internet mergers on personal privacy.
Crawford v. Marion County (amicus)
In November 2007, EPIC, legal scholars and technical experts submitted an amicus brief
to the Supreme Court arguing that an Indiana photo identification requirement fails to
fulfill its purpose and unnecessarily places at risk the privacy interests of eligible voters.
Hepting v. AT & T (amicus)
In May 2007, EPIC, in cooperation with the Stanford Constitutional Law Center, filed
an amicus brief in Hepting v. AT&T. This lawsuit alleges that AT&T allowed the govern-
ment to wiretap calls and e-mails without judicial authority. The U.S. government and
AT&T seek to dismiss this case. The EPIC brief states, “The statutes and constitutional
provisions relied upon in the complaint are designed to interpose the courts between
citizens and the government when government conducts surveillance that it naturally
would prefer to conduct in secret and wholly at its own discretion.... This litigation
should thus proceed, lest the privacy claims here be made effectively unreviewable.”
b 13 b
E P I C L I T I G A T I O N
“Not only has the state failed to establish the need for the voter identification
law or to address the disparate impact of the law, the state’s voter ID system
is imperfect, and relies on a flawed federal identification system.”–EPIC
Amicus Brief in Crawford v. Marion County (2007)
EPIC’s litigation strategy follows five principles:
 to vigorously pursue pending matters to a favorable conclusion;
 to initiate or defend emerging legal challenges implicating free speech, privacy,
anonymity, and open access, particularly in an online or electronic environment;
 to actively promote the public dissemination of materials obtained under the
Freedom of Information Act;
 to provide assistance to attorneys, consumer and civil liberties organizations on
legal matters as needed; and
 to seek the participation of consumer and civil liberties organizations as well as
technical and legal experts to expand public involvement in emerging legal issues.
b 12 b
"I visited the EPIC web site today for some of my privacy research,
and its contents reminded me yet again of the extra-ordinary value
of your work and that of your colleagues at EPIC. This is a simple
note of my appreciation for what you and your colleagues do." -E.O.
Do you think the telephone companies
and others who may have violated the federal
wiretap laws should be granted legal immunity?"
b
On February 16, 2006, U.S. District Judge Henry H. Kennedy ordered the DOJ to process
and release documents concerning the NSA program within 20 days, or by March 8,
2006. The Justice Department then filed a motion asking Judge Kennedy for an addi-
tional four months to process some of the material responsive to EPIC’s request, which
Judge Kennedy granted. Later, the DOJ provided a Vaughn list of responsive FOIA
documents that would be withheld by the agency. EPIC challenged the DOJ’s decision
to withhold documents related to legal advice it provided to the White House regarding
the “legality” of the illegal domestic spying program. EPIC has asked the court to force
the DOJ to be more forthcoming, but the litigation continues.
Gilmore v. Gonzales (amicus)
This case challenged the government’s unpublished law or regulation requiring passen-
gers to present identification to fly on commercial airlines. John Gilmore argues that the
requirement violates numerous constitutional protections, including the rights to travel,
petition, freely assemble, be free from unreasonable search and seizure, and have access
to due process of law. In 2004, EPIC filed an amicus brief in this case. In January 2006,
the 9th Circuit ruled in the government’s favor, upholding the identification requirement.
EPIC v. Department of Justice & Department of the Treasury
EPIC submitted FOIA request to the DOJ and Department of Treasury following Wall
Street Journal reports that government agencies were purchasing personal information
from private sector profiling companies. EPIC challenged the agency’s heavy redaction
of the responsive documents. In 2006–2007, in a series of court challenges EPIC won
a major court decision against the DOJ’s secrecy claim in its pursuit FOIA documents
related to the President’s domestic surveillance program.
Nelson v. Salem State College (amicus)
In April 2006, the court ruled in favor of Salem State College. The case involved video
surveillance conducted in the college’s off-campus Small Business Development Center.
The video camera was used to investigate possible illegal entries in the center after
normal business hours and was set to record 24 hours a day. During the summer of
1995, Gail Nelson, a secretary at the Small Business Development Center, often brought
a change of clothes to work and changed in a cubicle. Ms. Nelson later learned about
the covert surveillance from a co-worker. EPIC filed an amicus brief arguing that society
is prepared to recognize an expectation of privacy in the workplace as reasonable. In
April 2006, the court ruled in favor of the college.
b 15 b
NCTA v. FCC (amicus)
In May 2007, EPIC filed an amicus brief in federal appellate court urging support for
opt-in safeguards for telephone customers. The brief was filed on behalf of consumer
and privacy organizations, technical experts, and legal scholars. At issue is the Federal
Communications Commission’s Orderthat protects consumers’ telephone record infor-
mation, which the National Cable and Telecommunications Association has challenged.
“Consumers have a legitimate expectation of privacy with respect to sensitive personal
information such as whom they call on a telephone,” the brief said. “An opt-out policy
would provide neither adequate protection for consumer data nor sufficient notice to
consumers.”
EPIC v. Department of Justice (concerning IOB reports)
In January 2006, EPIC filed suit in federal court against the Department of Justice for
reports of possible misconduct submitted by the FBI to the Intelligence Oversight Board
(IOB). Judge Colleen Kollar-Kotelly, the head of the Foreign Intelligence Surveillance
Court, was assigned to the case. EPIC had already obtained about 20 reports to the
Intelligence Oversight Board through another Freedom of Information Act lawsuit that
raise questions about compliance with federal law. Since EPIC filed suit, the FBI has
released several sets of documents responsive to EPIC’s request.
EPIC v. Department of Justice (concerning NSA surveillance)
In January 2006, EPIC filed another lawsuit against the DOJ to compel the immediate
disclosure of information concerning the NSA surveillance program and asked the
federal district court in Washington, D.C. to issue a preliminary injunction requiring
the release of relevant documents within 20 days.
Should US firms sell surveillance
technologies to the Chinese government?
b 14 b
Public WiFi Access in San Francisco
In February 2006, EPIC filed comments with the San
Francisco Government on its plans to offer public muni-
cipal broadband or WiFi access. EPIC urged city officials
to tweak privacy protections for users of a proposed
municipal broadband service. The comments sought to
allow anonymous access to the network, to limit sale of
personal information by the providers, and to routinely
delete personal information collected through the network.
Court Records and SSNs
In 2006–2007, EPIC submitted comments to the District of
Columbia and Florida courts recommending that court files
be scrubbed of identifiers such as Social Security Number, date of birth, and telephone
number. EPIC argued that, “Court records are becoming the fodder for dossiers on
Americans,” and that commercial data brokers are eroding the privacy rights of
individuals by extracting data from court files.
Taxpayer Privacy
In March 2006, EPIC submitted comments to the Internal Revenue Service in support of
a strong opt-in rule before tax preparers can disclose return information for marketing
purposes. The group urged the IRS to stiffen penalties for wrongful disclosure of data,
and to require tax preparers to take responsibility for how data are used for marketing.
Auto Dialers and Telecommunications Privacy
In May 2006, EPIC filed comments to the Federal Communications Commission, urging
the agency to reject a petition by ACA International that would allow the use of auto
dialers by debt collectors. The Telephone Consumer Protection Act of 1991 prohibits the
use of auto dialers to contact telephone devices. EPIC told the agency that the incidents
of identity theft in the US made the claim by ACA that it only seeks to collect outstanding
debts suspect. EPIC also stated that the agency correctly interpreted Congressional
intent when it implemented auto-dialer privacy protection, and urged the FCC to not
reverse itself on this matter.
b 17 b
E P I C A D V O C A C Y
Agency Proceedings
In 2006–2007, EPIC participated in a wide range of agency proceedings. The
topics ranged from traditional privacy concerns, such as the misuse of Social
Security Numbers and marketing practices, to new issues, including Internet
telephony, DNA collection, RFID passports, and government watch lists.
Airline Passenger Privacy
In January 2006, EPIC submitted comments to the Centers for Disease Control and
Prevention advising that the agency should limit its proposed rule requiring airline and
shipping industries to gather customer information, maintain it electronically for at least
60 days, and release it to the CDC within 12 hours of a request. EPIC urged the CDC to
narrow the scope of data collected and set strict security standards to keep passenger
data secure from unauthorized access and misuse.
WHOIS Database Privacy
In February 2006, EPIC sent comments to the ICANN, the entity that coordinates the
Internet’s naming system, on the “Preliminary Task Force Report on the Purpose of
WHOIS.” EPIC urged the adoption of a policy that would make WHOIS data (the listing
of those who register Internet domains) only available to “provide information... related
to the configuration of the records associated with the domain name within a DNS
name server.” EPIC cited the original purpose of WHOIS and the growing risk of identity
theft. EPIC specifically opposed a proposal that would make WHOIS data available for
broader purposes, such as law enforcement and copyright investigations
Commercial Data Brokers
In February 2006, EPIC submitted comments to the federal judiciary calling for changes
to procedural rules to shield personal information in court files from commercial data
brokers. Commercial data brokers employ stringers to harvest personal information
from court files, and then resell the information. Court files are becoming the fuel for
dossier building on Americans, and courts must accept responsibility for shielding data
from misuse.
b 16 b
" The Electronic Privacy
Information Center
advocates for the
right to be left alone
in this digital age.
It’is a tough fight,
but somebody has
to keep it going."”
-Knight / Ridder
Tribune News Service
b
I N T E R N E T P U B L I C I N T E R E S T
O P P O R T U N I T I E S P R O G R A M
b 19 b
Public Video Surveillance
In June 2006, EPIC submitted comments to the District of Columbia Metropolitan
Police Department opposing a new CCTV project that would dramatically expand police
surveillance of the public. EPIC urged the MPD to maintain public notification standards
for all video surveillance. EPIC also urged the MPD to set clear, objective standards for
evaluating the system.
Privacy in Telecommunication Customer Records
In June 2006, EPIC has filed reply comments on the Federal Communications
Commission’s proposal to require phone companies to increase security for consumers’
phone records. EPIC urged the FCC to adopt rules that prevent poor security practices,
such as using easily obtained biographical information as passwords for users to access
account information. In 2007, EPIC recommended that the Federal Communication
Commission when implementing Enhanced 911 regulation that they also protect
consumer location privacy. In addition, EPIC advocated for equal privacy protection
for all telephone user–including VOIP and other communication services.
Automated Targeting System (ATS)
In December 2006, EPIC led an effort by 29 organizations and 16 privacy and technology
experts to file comments urging the Department of Homeland Security to suspend the
traveler-profiling program and to fully enforce Privacy Act obligations. The coalition
explained that Privacy Act obligations were imperative for a system such as ATS,
which creates “risk assessments” of travelers and keeps the data for 40 years.
REAL ID
In May 2007, EPIC’s Privacy Coalition project led a coalition of more than 60 organiza-
tions in a concerted effort to increase the number of public comments to the Department
of Homeland Security on the agency’s proposed rule to implement the REAL ID. As
a result of the campaign more than 12,000 comments were submitted to the agency.
EPIC’s comments to the agency said that the “ill-conceived plan would increase the risk
of and the damage caused by identity theft.”
b 18 b
“I really enjoyed the time here and appreciate all the effort it takes from
all the staff to make this such a rewarding experience. . . I did like the
org[anization] . . .because we all got to work with all the permanent staff
rather than always going through an intermediary. . . I really enjoyed writing
comments about proposed rulemaking. I felt that was the assignment that
most demonstrated the difference we can make. I also really enjoyed
preparation for the protest [opposing deployment of CCTV surveillance
in Washington, DC] . . .The amicus brief was definitely the most rewarding,
but meeting with officials who are real decision-makers, in informal gather-
ings, was also very interesting. . . [Best experience of the IPIOP program]
Preparing material for Congressional hearing on WHOIS…FOIA request
work. . . assignments permitting exploration of the nuanced issues in a
particular interest . . . Loved sitting in on hearings.” –2006–2007 IPIOP CLERKS
A grant from the Glushko-Samuelson Foundation established the Internet Public
Interest Opportunities Program (IPIOP). IPIOP is an intensive, paid legal internship
conducted during the summer, fall, and spring terms. There are summer and school
semester internships available for outstanding law students with a strong interest in
civil liberties relating to the Internet, particularly free speech, privacy, open govern-
ment, and democratic governance. The EPIC IPIOP Program gives law students the
opportunity to actively participate in valuable programs in Internet law, policy, and
legislation. Washington, D.C. provides an ideal location for an introduction to Internet
law and \policy. IPIOP clerks attend agency proceedings, policy meetings, and
Congressional hearings, as well as visiting landmarks in the nation’s capital. IPIOP
clerks also attend seminars led by eminent scholars and practitioners in the field of
Internet policy. The goal of the program is to provide opportunities for law students
to experience first-hand the new and exciting intersection between Internet law and
public policy.
b
b
b 21 b
b 20 b
Legislation
The legislative process is the critical opportunity for public
interest organizations to make their case directly to lawmakers,
to engage in discussion about the details of proposed legisla-
tion, and to establish connections with critical committees
and decision makers. IPIOP clerks learn about this crucial
process by researching and drafting memoranda on critical
issues before Congress, and by attending hearings.
Government Oversight
The Freedom of Information Act (FOIA) is a powerful tool
for public interest organizations to learn about otherwise
inscrutable government activities and to promote public
oversight. Each IPIOP clerk researches, drafts, and submits
a FOIA request on a current Internet issue to one of many
government agencies. Clerks also assist in litigating pending
FOIA matters.
Litigation
Clerks assist EPIC staff in developing litigation strategies in key cases with significant
impact on critical Internet issues. Clerk activities include drafting memoranda, meetings
with attorneys, and attending court hearings.
Collaboration
IPIOP works in association with public interest litigators and law school clinics across the
country. A distinguished Advisory Committee oversees the work of IPIOP. Graduating
law school students interested in EPIC’s work are also encouraged to seek fellowships
through Equal Justice Works (equaljusticeworks.org) and Skadden Fellowship
Foundation (skaddenfellowships.org/ ).
Applications
Submit a letter of interest, a writing sample, a résumé, and a recommendation letter to:
IPIOP Coordinator, EPIC, 1718 Connecticut Ave. N.W., Suite 200, Washington, D.C. 20009
or email ipiop@epic.org. The process is competitive. The IPIOP Program is receives
hundreds of applications for placements each year.
E P I C A F F I L I A T E D S I T E S
“This consumer group provides a wealth of information at its web site.”
–GOVERNING MAGAZINE
“In early 2008, EPIC launched “Privacy 08” (privacy08.org) to promote
public discussion about privacy in the 2008 Presidential election. EPIC also
established a presence on Facebook and created a Facebook Cause to
promote Privacy ’08.
EPIC Bookstore—bookstore.epic.org
The EPIC Bookstore offers EPIC publications and a wide range of titles on privacy, free
speech, computer security, and civil liberties. The Bookstore also showcases a growing
list of featured titles from each issue of the EPIC Alert newsletter.
Global Internet Liberty Campaign (GILC)—gilc.org
There are no borders in cyberspace. Actions by individual governments and multi-
national organizations can have a profound effect on the rights of citizens around the
world. The member organizations of GILC joined together to protect and promote
fundamental human rights such as freedom of speech and the right of privacy on
the net for users everywhere.
In Defense of Freedom (IDOF)—indefenseoffreedom.org
The IDOF coalition was established after September 11, 2001, to demonstrate public
support for the protection of Constitutional values and to provide an organizing forum
for individuals and associations pursuing issues arising from the government’s response.
The 10-point statement In Defense of Freedom, endorsed by more than 150 organizations,
300 law professors, and 40 experts in computer science, is available on the site.
Internet Free Expression Alliance (IFEA)—ifea.net
IFEA was established to ensure the continuation of the Internet as a forum for open,
diverse and unimpeded expression and to maintain the vital role the Internet plays
in providing an efficient and democratic means of distributing information around
the world.
" Thank you for
providing the informa-
tion available on
the page as well as
the work EPIC
has done concerning
these and related
matters. It is greatly
appreciated by me and
many of my peers,..."
-M.W.B.
b 23 b
b 22 b
Privacy International (PI)—privacyinternational.org
PI is a human rights group formed in 1990 as a watchdog on surveillance by govern-
ments and corporations worldwide. PI has conducted campaigns in Europe, Asia and
North America to counter abuses of privacy by way of information technology such
as ID card systems, video surveillance, data matching, police information systems,
telephone tapping, and medical records.
The Privacy Site—privacy.org
The Privacy Site, founded in 2000 as a joint project of EPIC and Privacy International,
contains the latest news, links, and resources on privacy issues, as well as action items
to engage members of the public in personal privacy advocacy.
The Public Voice—thepublicvoice.org
The Public Voice was launched to promote the participation of Non-Governmental
Organizations (NGOs) in the deliberations of international organizations, such as the
Organization for Economic Cooperation and Development (OECD), in matters concerning
Internet policy. Public Voice conferences have been held in Ottawa, Paris, Hong Kong,
Dubai, and Wroclaw.
National Committee for Voting Integrity—votingintegrity.org
The National Committee for Voting Integrity was established in 2003 to promote
voter-verified balloting and to preserve privacy protections for elections in the United
States. The National Committee is a non-partisan organization made up of leading
technical experts, lawyers, journalists, and citizens.
Privacy Coalition—privacycoalition.org
The Privacy Coalition web site was launched in 2001 to serve as an organizing tool for
a nonpartisan coalition of consumer, civil liberties, educational, family, library, labor, and
technology organizations. Members of the Privacy Coalition have agreed to the Privacy
Pledge, a framework of privacy protections endorsing limits on government surveillance
and the promotion of Fair Information Practices.
E P I C S U P P O R T E R S
Major grants to support the work of EPIC have been received from:
Arca Foundation
Bauman Foundation
BT Counterpane
Carnegie Corporation
Earthlink
Ford Foundation
Fund for Constitutional Government
HKH Foundation
W.K. Kellog Foundation
Irving Kohn Foundation
Albert List Foundation
Lutz Foundation Trust
Markle Foundation
Metromail Cy Pres Fund
Norman Foundation
Omidyar Network
Open Society Institute
Quixote Foundation
Red Hat Center
Rockefeller Family Fund
Rose Foundation
Glushko-Samuelson Foundation
Scherman Foundation
Simons Foundation
Sun Hill Foundation
Sun Microsystems
Working Assets
Zero Knowledge Systems
Additional support is provided
by contributions from individual
donors, attorneys’ fees, cy pres
funds, and the sale of publications.
b
" Thank you for your stand on privacy as recently reflected on a
C-SPAN program dealing with the NSA domestic spying issue."
-N.B.
b 25 b
b 24 b
E P I C F I N A N C E S
EPIC
STATEMENT OF ACTIVITIES
2004, 2005, 2006 AND 2007
2004
2005
2006
2007
Support and Revenue
Contributions
$ 380,205
$
78,473
$ 195,488
$ 227,540
Grants
840,473
606,250
577,500
449,750
Publications
20,319
13,624
9,976
15,450
Interest Income
45,768
49,833
77,519
89,643
Other
(5,171)
(17,165)
188,739
136,283
Total Support and Revenue
$ 1,332,044
$ 731,065
$ 1,049,222
$ 918,666
Expenses
Program
$ 933,864
$ 897,076
$ 699,312
$ 608,118
Administration
66,831
58,511
83,456
134,632
Fundraising
25,461
46,493
58,755
60,198
Total Expenses
$ 1,025,976
$1,002,080
$ 841,523
$ 802,948
Change in Net Assets
$ 306,068
$ (271,015)
$ 207,699
$
115,718
Net Assets, Jan 1
$ 1,584,383
$ 1,890,451
$ 1,619,436
$ 1,827,135
Net Assets, Dec 31
$ 1,890,451
$ 1,619,436
$ 1,827,135
$ 1,942,853
Based on report compiled by Friedman & Associates, CPA, Rockville, MD. 2007 audit by Kronzek, Fisher & Lopez, PLLC,
Washington, D.C. The current EPIC form 990 is available at the EPIC web site and at ww.guidestar.org.
EPIC
STATEMENT OF FINANCIAL POSITION
DECEMBER 31, 2007
Assets
Current Assets
$ 1,413,618
Fixed Assets
13,466
EPIC Trust
579,057
Total Assets
$2,006,141
Liabilities
Accounts payable
$
63,288
Total
$
63,288
Net Assets
General
$1,034,433
Projects
329,363
EPIC Trust
579,057
Total
$1,942,853
Total Liabilities and Net Assets
$2,006,141
The EPIC Trust was established in memory of Paul Simons.
b
b 27 b
b 26 b
E P I C B O A R D & S T A F F
EPIC Advisory Board
EPIC works closely with a distinguished
advisory board drawn from the
information law, computer science,
civil liberties and privacy communities.
Steve Aftergood
Prof. Phil Agre
Prof. Anita Allen-Castellitto,
Board Member
IPIOP Advisory Committee
Hon. John Anderson
James Bamford
Prof. Ann Bartow
IPIOP Advisory Committee
Prof. Francesca Bignami
IPIOP Advisory Committee
Prof. Christine Borgman
Prof. James Boyle
IPIOP Advisory Committee
David Burnham
Vinton G. Cerf
David Chaum
Prof. Julie E. Cohen
IPIOP Advisory Committee
Simon Davies
Whitfield Diffie
Board Member
Prof. David Farber
Hon. David Flaherty
Philip Friedman
Board Member
Austin Hill
Deborah Hurley
Chair
Prof. Jerry Kang
Board Member
Judy Krug
IPIOP Advisory Committee
Chris Larsen
Prof. Gary Marx
Mary Minow
Dr. Denise M. Nagel
Peter G. Neumann, Secretary
Prof. Eli Noam
EPIC Staff 2006–2007
Marc Rotenberg
Executive Director
Lillie Coney
Associate Director
John Verdi, Director
Open Government
Melissa Ngo
Senior Counsel
Allison Knight
Director
Privacy and Human Rights Project
Guilherme Roschke
Skadden Fellow
Simon Davies
Senior Fellow
Katitza Rodríguez Pereda
International Policy Fellow
Caitriona Fitzgerald
Technology Fellow
Harry Hammitt
Senior Fellow
Daniel Burger
Administrative Coordinator
Dr. Deborah Peel
Stephanie Perrin
Prof. Anita Ramasastry
IPIOP Advisory Committee
Prof. Ron Rivest
Prof. Pamela Samuelson
IPIOP Advisory Committee
Bruce Schneier
Board Member
Prof. Paul M. Schwartz
IPIOP Advisory Committee
Robert Ellis Smith
Prof. Daniel J. Solove
IPIOP Advisory Committee
Prof. Frank Tuerkheimer
IPIOP Advisory Committee
Edward G. Viltz
Treasurer
Willis Ware
Paul Wolfson
David Stern
IPIOP Advisory Committee
b
S U P P O R T E P I C
“As a former member of Congress and one who has spent much of his public
life working to protect Constitutional values, I am very pleased to offer my
strongest endorsement to the Electronic Privacy Information Center. EPIC
is a powerful voice in Washington. I am constantly amazed by how much this
dedicated group accomplishes. I urge you to join me and make a generous
contribution to EPIC. Together we will help ensure that civil liberties and
privacy are preserved in the Information Society.” –Hon. John Anderson,
former Presidential candidate
“EPIC does wonderful work. I admire their efforts to protect theprivacy of
Americans. Particularly at this moment when there is growing concern about
unlawful surveillance within the United States, I urge you to support the work
of EPIC.” –James Bamford, Author, The Puzzle Palace, Body of Secrets, and
A Pretext for War
If you’d like to support the work of the Electronic Privacy Information Center,
contributions are welcome and fully tax-deductible. Checks should be made out to
“EPIC” and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, D.C. 20009.
Or you can contribute online at www.epic.org/donate/. The GuideStar Database at
www.guidestar.org provides additional information about the work of EPIC. A complete
Form 990 for the current year is also available online.
b 28 b
Private contractors snooped through your passport
file at the State Department. Are you satisfied with
the steps that have been taken since?
b
"I just wanted to praise the EPIC website
and the valuable info you make available to
the public.... At the end of the year, me
and others plan on contributing a few dollars
to your organization."”-anon.