Privacy & New Media

Epic
May 26, 2020

Through a government records request EPIC has obtained the contract between North Dakota and ProudCrowd, LLC for the Care19 contact tracing app launched in response to the COVID-19 pandemic. The one-year software license agreement between ProudCrowd and North Dakota provides the state use of the contact tracing app and use of server space. According to the state, the Care19 app generates a random ID number for each user when it is tracking users’ movements. North Dakota’s privacy policy states that the location data is kept private (not sent to third parties) and stored securely on ProudCrowd servers. The state has not explained why it would store private health data on a storage system not controlled by the government. But a recent report indicates that the Care19 app sends location data and a unique user identifier to Foursquare and a software bug tracking company called Bugfender. The app also sends the phone’s advertising ID to Google. ProudCrowd states that it will update the app and its privacy policies in the future. EPIC has told Congress that private companies must establish privacy safeguards for digital contact tracing.

The content in this post was found at:

https://epic.org/2020/05/epic-obtains-north-dakota-cont.html

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

Epic
May 29, 2020

Through a Freedom of Information request, EPIC has obtained records concerning Utah’s “Healthy Together” COVID-19 app. The documents include a presentation from Twenty Holdings, Inc., the company that developed the app, and include details of its development. The records reveal that “[o]nce the economy resumes normalcy, the App will continue to provide the mechanism to monitor any emerging risks.” It has been reported that Twenty hopes to sell the app and app back end to other states and private companies. The developers of the app plan to integrate the Apple/Google API when it is available. The app current methodology relies on collated location data from all users, rather than decentralized proximity tracking. The Utah Governor’s Office of Management and Budget found no records of any audits or independent privacy assessments of the contact tracing app. EPIC has called on Congress to ensure that government agencies and private companies establish privacy safeguards for digital contact tracing. But without audits and independent privacy assessments, contact tracing apps like Healthy Together cannot be “robust, scalable, and provable.”

The content in this post was found at:

https://epic.org/2020/05/epic-obtains-records-about-uta.html

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

Epic
June 11, 2020

Amid nationwide protests against police brutality and racist policing, three major technology firms said this week that they would abandon or prohibit law enforcement agencies from using their facial surveillance technologies. On Monday, IBM announced that it would no longer offer “general purpose IBM facial recognition or analysis software” and that it opposes the use of such technology for “mass surveillance, racial profiling, [and] violations of basic human rights and freedoms.” On Wednesday, Amazon said it would prohibit law enforcement agencies from using its facial surveillance software for one year and urged Congress to “place stronger regulations to govern the ethical use of facial recognition technology.” And on Thursday, Microsoft reiterated that it will “not sell facial-recognition technology to police departments in the United States until we have a national law in place, grounded in human rights, that will govern this technology.” EPIC has launched a campaign to Ban Face Surveillance and through the Public Voice coalition gathered the support of over 100 organizations and many leading experts across 30-plus countries. An EPIC-led coalition has also called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

The content in this post was found at:

https://epic.org/2020/06/tech-companies-pull-back-on-fa.html

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

Epic
June 23, 2020

The Indiana Supreme Court ruled today that the Fifth Amendment right against self-incrimination prevents law enforcement from compelling an individual to unlock their smartphone. The court declared that an exception to the Fifth Amendment did not apply because the type and amount of information cell phones contain make compelled production of their contents different than compelled production of physical documents, citing the Supreme Court’s decisions in Riley v. California and Carpenter v. United States. The court wrote that “the Supreme Court has hesitated to apply even entrenched doctrines to novel dilemmas, wholly unforeseen when those doctrines were created.” EPIC urged the New Jersey Supreme Court to adopt the same reasoning in State v. Andrews, arguing that, under Riley and Carpenter, individuals cannot be compelled to decrypt their cell phones. The New Jersey court has not yet issued a ruling in the case.

The content in this post was found at:
https://epic.org/2020/06/indiana-supreme-court-says-no-.html

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

Epic
June 24, 2020

In an important decision for data privacy, Germany’s Federal Court of Justice sided with antitrust regulators in a case challenging Facebook’s practice of combining user data across different sources, including WhatsApp and Instagram. The Court held that Facebook’s terms of use were abusive because they did not allow users to use the platform without also consenting to Facebook’s collection of their data from other sites. The decision emphasized Facebook’s dominant market position in Germany and recognized that Facebook thus had a special responsibility towards maintaining market competition. EPIC has repeatedly urged U.S. antitrust agencies to more aggressively regulate Facebook and other platforms, whose large mergers compromise user privacy and consolidate market power in a handful of companies. EPIC recently objected to the FTC’s settlement with Facebook. EPIC continues to work with international stakeholders to ensure user privacy.

The content in this post was found at:
https://epic.org/2020/06/germanys-highest-court-rules-f.html

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

This past week, the operator of the popular Weather Channel (“TWC”) mobile phone app entered into a Stipulation of Settlement with the Los Angeles City Attorney, Mike Feuer (“City Attorney”), closing the books on one of the first litigations to focus on the collection of locational data through mobile phones. (People v. TWC Product and Technology, LLC, No. 19STCV00605 (Cal. Super., L.A. Cty, Stipulation Aug. 14, 2020)). While the settlement appears to allow TWC to continue to use locational information for app-related services and to serve advertising (as long the app includes some agreed-upon notices and screen prompts to consumers), what is glaringly absent from the settlement is a discussion of sharing locational information with third parties for purposes other than serving advertising or performing services in the app. Because applicable law, industry practice and the policies of Apple and Google themselves have narrowed the ability to share locational information for such purposes, the allegations of the case were, in a sense, subsumed in the tsunami of attention that locational information sharing has attracted. While some are viewing this settlement as a roadmap for locational information collection and sharing, in fact the settlement is quite narrow.

The content in this post was found at:
https://newmedialaw.proskauer.com/2020/08/18/eclipsed-by-evolving-law-policy-and-technology-seminal-mobile-location-data-case-settled/

Clicking the title or link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com.

Epic
June 24, 2020

 

Yesterday, the Boston City Council voted unanimously to ban the use of facial recognition technology by the city of Boston. The ordinance noted the “racial bias in face surveillance” and makes it illegal for the city of Boston to “obtain, retain, possess, access, or use any face surveillance system.” Several municipalities in Massachusetts have already banned the use of facial recognition. EPIC previously testified before the Massachusetts Legislature in support of a bill to establish a moratorium on the use of facial recognition by state agencies. EPIC has launched a campaign to Ban Face Surveillance and through the Public Voice coalition gathered the support of over 100 organizations and many leading experts across 30 plus countries. An EPIC-led coalition has also called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

Epic
July 7, 2020

 

A federal court has rejected a challenge from internet services providers to Maine’s broadband privacy law. Enacted last year, the law prohibits broadband providers from using, disclosing, or selling consumers’ personal data without express consent. The ISPs had argued that the Maine law conflicted with Congress’s 2017 overturning of broadband privacy rules issued by the Federal Communications Commission and the FCC’s 2018 disclaimer of regulatory authority over broadband providers. But the ISPs’ “attempt to manufacture a conflict in this case is unavailing,” Judge Lance E. Walker wrote. The court also refused to hold that the Maine law violates the First Amendment or is unconstitutionally vague. EPIC has long advocated for comprehensive privacy legislation that would protect states’ ability to enact stronger privacy laws.