2/15. Rep. Henry Waxman (D-CA) and Rep. G. K. Butterfield (D-NC) sent a letter [PDF] to Apple regarding the social networking app named "Path", and which accessed and collected the contents of iPhone address books without obtaining the consent of the owner.

The two Representatives wrote that "This incident raises questions about whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts."

They also suggested that it may be common practice for iOS developers to copy and store entire iPhone address books without the permission of the owners, or interference from Apple.

They also propounded numerous interrogatories to be answered by Apple by February 29, 2012.

For example, they asked Apple to "describe all iOS App Guidelines that concern criteria related to the privacy and security of data that will be accessed or transmit1ed by an app", and "describe how you determine whether an app meets those criteria".

They also asked Apple to disclose the number of iOS apps in the U.S. iTunes Store that transmit data about a user, and the number that transmit information from the address book.

Rep. Waxman is the ranking Democrat on the House Commerce Committee (HCC). Rep. Butterfield is a member of the HCC. If the House were to pass legislation regarding the privacy related practices of companies like Apple, it would derive from the HCC.

See also, Rep. Butterfield's release.

The Association for Competitive Technology (ACT) stated in a release that "Apple has taken the appropriate steps to ensure that users have full control over their contact lists and address book. What is most important to app developers is the customers' confidence that the apps they use won’t mislead them or abuse their trust. We depend on the trust of our users and the whole app industry suffers when bad actors are allowed to misuse consumers’ private information."

1/26. Google submitted a report [14 pages in PDF] to the Federal Trade Commission (FTC), as required by the Decision and Order [7 pages in PDF] dated October 13, 2011, in which it addresses, among other things, its new privacy policy scheduled to take effect on March 1, 2012.

On March 30, 2011, the FTC issued an administrative complaint [8 pages in PDF] against Google alleging that it violated FTC Act, and the US-EU Safe Harbor Framework, in connection with the initial launch of its Buzz social networking service. The FTC and Google simultaneously entered into an Agreement Containing Consent Order [9 pages in PDF] which mandated a comprehensive privacy program for Google, and required a compliance report by Google, among other things. See, story titled "FTC Issues and Settles Complaint Against Google" in TLJ Daily E-Mail Alert No. 2,213, March 31, 2011.

The FTC requested and received public comments. The FTC issued its final Decision and Order [7 pages in PDF] on October 13, 2011.

The Electronic Privacy Information Center (EPIC) filed a complaint with the FTC on February 6, 2011, regarding Google's newly launched of Buzz service. That complaint may have been a causal factor in the FTC's decision to act against Google.

The EPIC wrote in its web site that Google's January 26 compliance report "raises new questions about the company's failure to comply with" the FTC's order.

The EPIC wrote that "The Order required Google to answer detailed questions about how it protects the personal information of Google users. But Google chose not to answer many of the questions. Most significantly, the company did not explain to the Commission the impact on user privacy of the proposed changes that will take place on March 1."

See also, related story in this issue titled "EPIC Sues FTC to Compel Enforcement of Google Privacy Order".

2/8. The Electronic Privacy Information Center (EPIC) filed a complaint [9 pages in PDF] in the U.S. District Court (DC) against the Federal Trade Commission (FTC) alleging that the FTC has failed to enforce its Decision and Order [7 pages in PDF] dated October 13, 2011, which relates to Google's privacy related practices.

The EPIC seeks "injunctive relief compelling the FTC to enforce the consent order". The EPIC wants the FTC to block Google from implementing parts of its new privacy policy, scheduled to take effect on March 1.

The complaint does not name Google as a defendant.

The EPIC alleges that Google's pending changes to its privacy policies violate the October 13 order, that the FTC has failed to take action to prevent such violation, and that the District Court should compel the FTC to take action against Google, before March 1.

The EPIC states in its complaint that "Rather than keeping personal information about a user of a given Google service separate from information gathered from other Google services, Google will consolidate user data from across its services and create a single merged profile for each user."

Consequently, the EPIC alleges, "Users will no longer be able to keep the personal information they provided to use the Google email service for simply that service; Google will be able to combine the user information provided for email with other Google services, including the Google social network service."

The complaint alleges that this violates the order by "misrepresenting the extent to which it maintains and protects the privacy and confidentiality of covered information", by "misrepresenting the extent to which it complies with the U.S.-EU Safe Harbor Framework", by "failing to obtain affirmative consent from users prior to sharing their information with third parties", and by "failing to comply with the requirements of a comprehensive privacy program".

Whether Google has violated the order constitutes one set of issues. However, the EPIC faces a range of other obstacles, such as whether it has standing to bring this action, whether there is a justiciable final agency action, whether there is a case or controversy within the meaning of Article III of the Constitution, whether this is a matter committed to agency discretion, and whether the FTC can be compelled to enforce this order.

The EPIC also filed a Motion for Temporary Restraining Order and Preliminary Injunction [30 pages in PDF] with the District Court on February 8. The District Court set accelerated pleading deadlines. The FTC's opposition is due by February 17. The EPIC's reply is due February 21.

The EPIC asserts as authority for the proposition that the District Court can compel enforcement of the order the Administrative Procedure Act (APA), which, at 5 U.S.C. § 706, provides that "The reviewing court shall ... compel agency action unlawfully withheld or unreasonably delayed".

The EPIC does not cite other relevant APA provisions, such as 5 U.S.C. § 704, which provides that judicial review is limited to an "Agency action made reviewable by statute and final agency action".

This case is Electronic Privacy Information Center v. the Federal Trade Commission, D.C. No. 12-00206-JAB, U.S. District Court for the District of Columbia.

2/1. Leaders of the House Commerce Committee (HCC) and other Representatives sent a letter to Google on January 26, 2012, regarding its announcement that it will consolidate some of its privacy policies. Google responded by letter dated January 30.

Google announced in a release on January 24 that it currently has 70 "privacy documents", and that it is "rolling out a new main privacy policy that covers the majority of our products" that will take effect on March 1. Google noted that "Regulators globally have been calling for shorter, simpler privacy policies".

The six Representatives wrote that "While Google suggests that the purpose of this shift in policy is to make the consumer experience simpler, we want to make sure it does not make protecting consumer privacy more complicated."

They also propounded numerous interrogatories. For example, they ask Google to "describe all information that Google collects from its consumers now", and ask "How will this information change after the new privacy policy has been implemented?"

The six who signed the letter are Rep. Henry Waxman (D-CA), Rep. Cliff Stearns (R-FL), Rep. Ed Markey (D-MA), Rep. Joe Barton (R-TX), Rep. Diana DeGette (D-CO), Rep. Marsha Blackburn (R-TN), Rep. G. K. Butterfield (D-NC), and Rep. Jackie Speier (D-CA).

See also, Google's January 26 release, January 31 release, and February 1 release.

1/31. Rep. Ed Markey (D-MA), Rep. Joe Barton (R-TX), and five other Representatives sent a letter to the Federal Trade Commission (FTC) regarding facial recognition technologies. However, they did not urge the FTC either to take action against any person or entity, or to write any new rules.

The FTC held a workshop titled "Face Facts: A Forum on Facial Recognition Technology" on December 8, 2011. See, the FTC's web page for this event.

The Representatives wrote that "We are deeply concerned about how the use of these technologies impact the level of protection for consumer's personal information."

They stated that "As companies continue to develop and deploy these new technologies, clear policies guiding the implementation, operation, and maintenance of thee technologies are essential. Companies must also be transparent about the usage of consumer's personal information. Finally, consumers should have the choice to affirmatively opt-in to being subject to facial recognition or detection."

Rep. Jackie Speier (D-CA), Rep. Blake Farenhold (R-TX), Rep. Steve Chabot (R-OH), Rep. Raul Grijalva (D-AZ), and Rep. Michael Burgess (R-TX) also signed this letter.

2/10. The Washington Post published a story on February 9, 2012, titled "Iran increasingly controls its Internet", by Thomas Erdbrink.

The Washington Post article states that "Iran's leaders are trying to get control over what is uploaded, posted and discussed on the Internet. And after a slow start, authorities are becoming more and more successful". In particular, software that enabled internet users in Iran to bypass the government's firewall "has stopped working".

Ed Black, head of the Computer and Communications Industry Association (CCIA), stated in a release on February 10 that "This appears to be another step toward creating a firewall in Iran to block access to the global Internet. Some have expressed concern this heralds the creation of a National Internet that would keep Iranian citizens within a walled-off domestic network much like an office Internet."

He wrote that "the US government and others who care about liberty need to speak out or sound alarms early when nations first place restrictions on the Internet so that the Internet is used as a tool for freedom not repression."

2/6. The United Kingdom's House of Commons' Home Affairs Committee released a report [184 pages in PDF] titled "Roots of violent radicalisation".

It concludes that "it proved difficult for us to gain a clear understanding of where violent radicalisation takes place. In terms of the four sectors we explored -- universities, prisons, religious institutions and the internet -- we conclude that religious institutions are not a major cause for concern but that the internet does play a role in violent radicalisation, although a level of face-to-face interaction is also usually required. The role of prisons and universities was less obvious."

The UK's Terrorism Act 2006 includes a notice and take down provision under which service providers are required to take down content after the government has notified them that the content is illegal terrorist content under UK law.

However, this does not reach content hosted outside of the UK. Also, service providers have no duty to monitor and take down violent extremist content on their own initiative.

The just released report states that the UK's Counter-Terrorism Internet Referral Unit "does limited but valuable work in challenging internet service providers to remove violent extremist material where it contravenes the law."

It recommends that "the Government work with internet service providers in the UK to develop a Code of Conduct committing them to removing violent extremist material, as defined for the purposes of section 3 of the Terrorism Act 2006. Many relevant websites are hosted abroad: the Government should also therefore strive towards greater international cooperation to tackle this issue."

It further concludes that "Given the impossibility of completely ridding the internet of violent extremist material, it is important to support defences against it. We support the Government’s approach to empowering civil society groups to counter extremist ideology online. The whole area of communications technology and social networking is complex and extremely fast-moving. A form of interaction that is commonly used by thousands or even millions of people at one point in time may only have been developed a matter of months or even weeks earlier. It follows that legislation and regulation struggle to keep up and can provide a blunt instrument at best."

Tech Law Journal publishes a free access web site and a subscription e-mail alert. The basic rate for a subscription to the TLJ Daily E-Mail Alert is $250 per year for a single recipient. There are discounts for subscribers with multiple recipients.

Free one month trial subscriptions are available. Also, free subscriptions are available for federal elected officials, and employees of the Congress, courts, and executive branch. The TLJ web site is free access. However, copies of the TLJ Daily E-Mail Alert are not published in the web site until two months after writing.

For information about subscriptions, see subscription information page.

Tech Law Journal now accepts credit card payments. See, TLJ credit card payments page.

TLJ is published by David Carney
Contact: 202-364-8882.
carney at techlawjournal dot com
3034 Newark St. NW, Washington DC, 20008.

Privacy Policy
Notices & Disclaimers
Copyright 1998-2012 David Carney. All rights reserved.

The House will meet at 10:00 AM for morning hour, and at 12:00 NOON for legislative business. It will consider HR 3408 [LOC | WW], the "Protecting Investment in Oil Shale the Next Generation of Environmental, Energy, and Resource Security Act" or "PIONEERS Act". See, Rep. Cantor's schedule for the week.

The Senate will meet at 10:00 AM. It will resume consideration of S 1813 [LOC | WW], a huge bill pertaining to highways and surface transportation. Sections 2301-2306 pertain to the National Intelligent Transportation System, and a 5.9 GHz short range vehicle to vehicle and vehicle to infrastructure communications systems.

8:15 - 10:00 AM. InfraGard and Symantec will host an event titled "InfraGard Critical Sector on Cyber Policy 2012". The speakers will include Rep. Mike Rogers (R-MI). For more information, contact Sheri Donahue at sdonahue at infragardmembers dot org or 502-649-3102. Location: Murrow Room, National Press Club, 13th Floor, 529 14th St. NW.

9:00 AM. The House Commerce Committee's (HCC) Subcommittee on Communications and Technology will hold a hearing titled "Budget and Spending of the Federal Communications Commission". The witnesses will be Julius Genachowski (FCC Chairman), David Hunt (FCC Inspector General), and Scott Barash (head of the FCC's Universal Service Administrative Company). See, notice. Location: Room 2123, Rayburn Building.

9:30 - 11:00 AM. The New America Foundation (NAF) will host an event titled "Public Diplomacy in the Age of Social Media". The speakers will be Suzanne Hall (Department of State), Nick Namba (DOS), Ed Dunn (DOS), and Alexander Howard. See, notice. Location: NAF, Suite 400, 1899 L St., NW.

10:00 AM. The House Financial Services Committee (HFSC) will meet to mark up several bills, including HR 3606 [LOC | WW], the "Reopening American Capital Markets to Emerging Growth Companies Act of 2011". See, notice. Location: Room 2128, Rayburn Building.

10:00 AM. The House Intelligence Committee (HIC) will hold a closed hearing titled "Ongoing Intelligence Activities". See, notice. Location: HVC-304, Capitol Visitor Center.

10:00 AM. The House Homeland Security Committee's (HHSC) Subcommittee on Counterterrorism and Intelligence will hold a hearing titled "DHS Monitoring of Social Networking and Media: Enhancing Intelligence Gathering and Ensuring Privacy". The witnesses will be Mary Ellen Callahan (Chief Privacy Officer of the Department of Homeland Security) and Richard Chávez (Director of the DHS's Office of Operations, Coordination and Planning). The HHSC will webcast this event. See, notice. Location: Room 311, Cannon Building.

10:00 AM. The Senate Judiciary Committee (DJC) will hold an executive business meeting. The agenda includes consideration of the nomination of Andrew Hurwitz to be a Judge of the U.S. Court of Appeals (9thCir), and four nominations for the U.S. District Court (USDC): John Lee (USDC/NDIll), John Tharp (USDC/NDIll), George Russell (USDC/DMd), and Kristine Baker (USDC/(EDArk). See, notice. The SJC will webcast this meeting. Location: Room 226, Dirksen Building.

12:15 - 2:00 PM. The Federal Communications Bar Association (FCBA) will host a lunch. The speakers will address distracted driving. The price to attend is $17. Registrations and cancellations are due by 12:00 NOON on February 14. Location: Wiley Rein, 1776 K St., NW.

1:45 PM. The American Enterprise Institute (AEI) will host a panel discussion titled "Xi's Visit: What's Next for U.S.-China Relations". The speakers will be Dan Blumenthal (AEI), Ellen Bork (Foreign Policy Initiative), Derek Scissors (Heritage Foundation), and Michael Mazza (AEI). Free. Open to the public. See, notice. Location: AEI, 12th floor, 1150 17th St., NW.

2:00 PM. The New America Foundation (NAF), Wireless Innovation Alliance (WIA), and Wireless Internet Service Provider Association (WISPA) will host an event titled "Jumpstarting the Unlicensed Internet Economy". The speakers will include Rep. Darrell Issa (R-CA), Rep. Anna Eshoo (D-CA), Peter Stanforth (Spectrum Bridge), and Dan Bubb (Gorge Networks). Location: Room HVC-215, Capitol Visitor Center.

2:30 PM. The Senate Homeland Security and Government Affairs Committee (SHSGAC) will hold a hearing titled "Securing America's Future: The Cybersecurity Act of 2012". The witnesses will be Sen. John Rockefeller (D-WV), Janet Napolitano (Secretary of Homeland Security), Thomas Ridge (U.S. Chamber of Commerce), Stewart Baker (Steptoe & Johnson), James Lewis (Center for Strategic and International Studies), Scott Charney (Microsoft). See, notice. The SHSGAC will webcast this hearing. Location: Room 342, Dirksen Building.

POSTPONED. 2:30 PM. The Senate Intelligence Committee (SIC) will hold a closed meeting. See, notice. Location: Room 219, Hart Building.

3:15 PM. Sen. John Rockefeller (D-WV), Sen. Charles Schumer (D-SC), and Sen. Kirsten Gillibrand (D-NY) will hold a news conference regarding a public safety communications network for first responders. Location: Room S-325, Capitol Building.

6:00 - 8:15 PM. The Federal Communications Bar Association's (FCBA) Mass Media and the Video Programming & Distribution Committees will host an event titled "Update on Political Advertising Issues". CLE credits. Prices vary. See, notice. Location: Wiley Rein, 1776 K St., NW.

The House will meet at 9:00 AM for legislative business. See, Rep. Cantor's schedule for the week.

Supreme Court conference day. See, calendar. Closed.

9:00 AM. The American Bar Association (ABA) will host a teleconferenced event titled "Global Antitrust Developments Series: India & China". The speakers will be Catriona Hatton (Hogan Lovells), Kirtikumar Mehta, and Adrian Emch (Hogan Lovells, Beijing office, and Peking University's IP School). No CLE credits. See, notice.

9:30 AM. The House Judiciary Committee's (HJC) Subcommittee on Intellectual Property, Competition and the Internet will hold a hearing titled "Litigation as a Predatory Practice". See, notice. Location: Room 2147, Rayburn Building.

9:30 - 11:30 AM. The House Oversight and Government Reform Committee (HOGRC) Subcommittee on Technology, Information Policy, Intergovernmental Relations and Procurement Reform will hold a hearing titled "Examining Duplicative IT Investments at DOD and DOE". The HOGRC will webcast this hearing live. Location: Room 2154, Rayburn Building.

9:30 AM. The House Science Committee (HSC) will hold a hearing titled "An Overview of the Administration’s Federal Research and Development Budget for Fiscal Year 2013". The witness will be John Holdren (head of the EOP's Office of Science and Technology Policy. See, notice. Location: Room 2318, Rayburn Building.

10:00 AM - 4:30 PM. The U.S. Patent and Trademark Office (USPTO) will host a public event to discuss and receive public comments on proposed rules changes that implement HR 1249 [LOC | WW], the "Leahy Smith America Invents Act", or "AIA", which was signed into law in September of 2011. See, USPTO release and AIA web page. See also, stories titled "USPTO Announces America Invents Act Implementation Rulemaking Proceedings" in TLJ Daily E-Mail Alert No. 2,322, January 9, 2012, and "USPTO to Hold Public Meetings on AIA Rules Changes" in TLJ Daily E-Mail Alert No. 2,323, January 10, 2011. Location: USPTO Campus, Alexandria, VA.

12:00 NOON - 1:00 PM. Mark Ryan, the new Director of Litigation of the Department of Justice's (DOJ) Antitrust Division, will speak at an on site and teleconferenced event hosted by the American Bar Association (ABA). No CLE credits. Free. See, notice. Location: Kirkland & Ellis, 655 15th St., NW.

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its draft SP 800-117 Rev. 1 [26 pages in PDF] titled "Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.2".

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its draft NIST IR-7817 [22 pages in PDF] titled "A Credential Reliability and Revocation Model for Federated Identities".

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its draft NIST IR-7799 [75 pages in PDF] titled "Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications".

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its draft NIST IR-7756 [35 pages in PDF] titled "CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture".

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its draft NIST IR-7800 [29 pages in PDF] titled "Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains".

Deadline for the Federal Trade Commission (FTC) to file its opposition to Electronic Privacy Information Center's (EPIC) Motion for Temporary Restraining Order and Preliminary Injunction [30 pages in PDF] with the U.S. District Court (DC). This action pertains to whether Google's new privacy policy, scheduled to take effect on March 1, violates the FTC's Decision and Order [7 pages in PDF] dated October 13, 2011.

Washington's Birthday. This is a federal holiday. See, OPM list of 2012 federal holidays.

The House will not meet on the week of Monday, February 20, through Friday, February 24.

The Senate will not meet on the week of Monday, February 20, through Friday, February 24.

The House will not meet.

The Senate will not meet.

12:15 - 2:00 PM. The Federal Communications Bar Association's (FCBA) Engineering and Technical Practice Committee will host a brown bag lunch. The topic will be three federal advisory committees: the President's Council of Advisors on Science and Technology (PCAST), the NTIA's Commerce Spectrum Management Advisory Committee (CSMAC) and the FCC's Technology Advisory Committee (TAC). For more information, contact Steve Sharkey at steve dot sharkey at t-mobile dot com. Location: T-Mobile, Suite 800, 601 Pennsylvania Ave., NW, North Building.

12:15 - 2:00 PM. The Federal Communications Bar Association (FCBA) will host a brown bag lunch titled "The First Amendment in Telecom Law". The speakers will be Jacob Lewis (FCC Associate General Counsel), Chuck Tobin (Holland & Knight), Coriell Wright (Free Press), Megan Brown (Wiley Rein). For more information, contact Drew Shenkman at drew dot shenkman at hklaw dot com or Brendan Carr at Bcarr at wileyrein dot com.). Location: Holland & Knight, Suite 100, 2099 Pennsylvania Ave., NW.

Deadline for the Electronic Privacy Information Center's (EPIC) to file its reply to the Federal Trade Commission's (FTC) opposition to its Motion for Temporary Restraining Order and Preliminary Injunction [30 pages in PDF]. This action pertains to whether Google's new privacy policy, scheduled to take effect on March 1, violates the FTC's Decision and Order [7 pages in PDF] dated October 13, 2011.

Ash Wednesday.

The House will not meet.

The Senate will not meet.

The House will not meet.

The Senate will not meet.

10:00 - 11:30 AM. The Information Technology and Innovation Foundation (ITIF) will host an event titled "Eddie Lazarus Reflects on a Dramatic Tenure as Chief of Staff of the FCC". See, notice. Location: ITIF/ITIC: Suite 610, 1101 K St., NW.