Jeff Cassman

Congress is currently considering passing a narrow and ineffective privacy law; they should take a more comprehensive approach as EPIC has previously recommended. The Judicial Security and Privacy Act, currently integrated into the NDAA, would in practice do very little to protect the privacy of personal information about federal judges and their families. The bill as currently written would make almost all data brokers exempt from the rules that are ostensibly meant to limit data broker sales of protected personal information. Congress should not pass a privacy and data broker bill that fails to regulate data brokers or protect consumers. 

The Judicial Security and Privacy Act purports to prohibit data brokers from knowingly selling, licensing, trading, transferring, or purchasing the personal information of those covered by the bill (judges and their close relatives). The ostensible goal is to limit access to addresses and other personal information that could pose a risk to these individuals. But the bill as written exempts any “consumer reporting agency subject to the Fair Credit Reporting Act” and any “financial institution subject to the Graham-Leach-Bliley Act.” But these are precisely the types of data brokers that buy and sell people’s personal information in ways that could put the subjects of this bill at risk. 

The entities subject to the FCRA include commercial websites like Spokeo that sell access to personally identifiable information, including contact data, marital status, age, occupation, economic health, and wealth information. And the GLBA applies to a wide range of entities that “offer financial products and services to individual” like loans and insurance. So the Judicial Security and Privacy Act would, by exempting these entities, not actually accomplish the goal of protecting judges and their families from data brokers and threats to their privacy or security. 

All Americans deserve privacy protections that actually work. That is why we urge the Senate to remove the Judicial Security and Privacy Act from the NDAA and instead work towards passing meaningful, comprehensive privacy protections for all Americans.

Continue reading

One of our goals each year is to decrease our dependency on others by increasing our skills and resources. In the city, it was convenient to pay for services and products. Living remotely, we learn to do many things ourselves or do without. I evaluate aspects of our life on a continuum from dependent to independent:

• Dependent on others
• Self-reliant
• Self-sufficient
• Self-sustaining

Given recent news reports of coronavirus and the economy, tornadoes, wildfires, and power outages, perhaps readers are applying this sort of rubric to their situations, too.

a) DEPENDENT – I judge us as dependent on items and skills/services we have to BUY ONCE A YEAR or more often. These include ANY rapidly depleted products made of petroleum (fuel, plastic) metal, glass, and paper (toilet paper!!!). We are also dependent for foods we enjoy but cannot grow, like tropical spices, coffee, citrus. Finally, we rely on skilled service providers occasionally, too, for skilled construction, machine repair, taxidermy.

b) SELF-RELIANT – This simply means things we do ourselves, whether it is baking bread or cutting down trees or canning food. For example, I buy green coffee beans and roast them. This category overlaps with the next.

c) SELF-SUFFICIENT – I define this as having the skills and products or resources on hand that will LAST 1 to 8 or 9 YEARS, before requiring replacement/renewal. These include our wind turbine, stored food (both homemade and purchased), annual foods that I grow from seed, most electric and gas tools, chickens, honeybees. (Hens lay for 3 years before aging out, and some years our honeybees overwinter but others they all die). A low cost of living is helpful to self-sufficiency, too.

d) SELF-SUSTAINING – This is the “gold standard” of independence. It encompasses products and resources on hand that can conceivably last FOREVER, or at least a DECADE without outside servicing or replenishment. Examples for us include our well and lake, accessible timber for fuel and construction, perennial fruit, herbs, and vegetables (both wild and planted/domesticated for food and home remedies), solar panels, many hand tools, and some long-lasting gas and electric tools. I also include black bear meat and the rabbits that we raise for their meat, fertilizer, and fur, since a buck and two does produce as many rabbits as we want, at a frequency and time of year that we can choose (by when we mate them). Sadly, the lake is not a self–sustaining food source. Voracious pike eliminated the prior tasty fish and are now eating each other to such an extent that the fish are vastly depleted in both number and size. To access other fish in nearby creeks, we need to maintain trails through the woods, which we have neglected.

DECREASING DEPENDENCE

Over the years, it has been something of a game for me to shave off a number of products we used to buy. In many cases, this saves money. In others, it increases our sense of competency. For example, I finally taught myself…

Continue reading here

Today, the European Commission published a draft adequacy decision on the new EU-U.S. Data Privacy Framework (EU-U.S. DPF), setting the stage for a likely challenge at the Court of Justice of the European Union (CJEU). The Commission found that the EU-U.S. DPF, along with the Biden administration’s implementing Executive Order and DOJ regulations, guarantees “essentially equivalent” protections to those in the EU, paving the way for its adoption by EU member states. In particular, the Commission found: (1) that the Executive Order’s new limitations on U.S. surveillance programs meet the EU’s “necessary and proportionate” standards; and (2) that the new redress mechanism for EU residents provides an independent and impartial means of adjudicating data rights and binding U.S. intelligence agencies.

EPIC has supported calls for enhanced privacy protections prior to establishing a new data transfer framework. EPIC recently commented on the Biden executive order, highlighting several areas of concern ahead of a likely challenge at the Court of Justice of the European Union (CJEU). “The Administration’s new Executive Order is a meaningful improvement over the prior privacy framework which has operated to the exclusion of non-U.S. persons, but these new safeguards and redress mechanism are unlikely to persuade the CJEU that U.S. law adequately protects privacy.” EPIC Executive Director Alan Butler said in October. “The new Data Protection Review Court is a step in the right direction, but the Administration must ensure that existing barriers to redress—such as notice, excessive secrecy, and undue deference to national security authorities—do not continue to stymie independent, meaningful efforts to vindicate privacy rights.”

Continue reading

In comments to the Federal Trade Commission, EPIC commended the FTC for incorporating access and deletion rights and data minimization requirements into its settlement with edtech company Chegg. Chegg, which markets subscription-based study aids and a scholarship search service, collects and stores personal information from millions of users. Although Chegg represented to consumers that it was keeping their personal information safe, Chegg’s data security practices were inadequate, resulting in multiple infiltrations by hackers. EPIC commended the FTC for taking enforcement action against companies like Chegg and using its unfairness authority as a check on harmful privacy and data security practices. EPIC also praised the terms of the FTC’s consent order, noting that “Access and deletion rights work in tandem with data minimization safeguards to enhance consumer privacy and data security.”

EPIC regularly files comments in response to proposed FTC consent orders and complaints regarding business practices that violate privacy rights. Most recently, EPIC filed comments in response to the FTC’s rulemaking on commercial surveillance calling for across-the-board data minimization requirements and data rights.

Continue reading

Today, the Organisation for Economic Co-operation and Development (OECD) announced the adoption of an agreement on government access to personal data held by private sector entities for national security and law enforcement purposes. The Declaration sets forth common principles on safeguarding privacy and rejects any approach to government access that is “inconsistent with democratic values and the rule of law.” It further notes stakeholders’ calls for identifying existing common safeguards in the context of government data purchases, government access to publicly available data, and voluntary disclosures to law enforcement and national security authorities.

EPIC’s international privacy work promotes privacy, data protection, and open government laws and policies globally. EPIC pursues international privacy and freedom of information cases and submits amicus briefs before the European Court of Human Rights and other international institutions. Through The Public Voice, EPIC also participates with civil society partners in engaging the OECD, submits review and comment on proposed regulations and frameworks, and works with international and regional privacy advocacy groups to track global privacy trends and promote international privacy rights.

Continue reading

The Federal Trade Commission today announced two historic settlements with Fortnite video game maker Epic Games for privacy and consumer protection violations. Fortnite has more than 400 million users worldwide, many of them minors. In addition to changing default privacy settings, Epic Games will be required “to pay a total of $520 million in relief over allegations the company violated the Children’s Online Privacy Protection Act (COPPA) and deployed design tricks, known as dark patterns, to dupe millions of players into making unintentional purchases.”

One settlement is a result of a federal court order filed by the Department of Justice on behalf of the FTC. The two-part complaint alleged that Epic Games violated COPPA by failing to “comply with the COPPA Rule’s parental notice, consent, review, and deletion requirements.” Independent of COPPA, the FTC also alleged that Fortnite’s default settings related to in-game voice and text communications were harmful, violating the FTC Act’s prohibition against unfair and deceptive practices. The proposed federal court order requires Epic Games to pay a $275 million monetary penalty, the largest ever obtained for an FTC rule violation. Additionally, Epic Games is required to adopt strong “default privacy settings for children and teens,” and delete personal information collected from Fortnite users in violation of COPPA.

The FTC also filed an administrative complaint alleging Epic Games violated the FTC Act by employing dark patterns to trick consumers into purchasing in-game items “without first obtaining their express informed consent,” and blocking access to purchased content. In addition to employees of Epic Games raising concerns, millions of consumers complained “about these unfair practices and disputed Epic’s unauthorized charges with their credit card providers.” As a result, the proposed administrative order will require Epic Games to pay $245 million to refund consumers. The order would also prohibit Epic Games from using dark patterns to charge consumers, and instead would require Epic Games to obtain affirmative consent.

EPIC regularly engages with the FTC on consumer protection and data protection issues, including privacy for children. The FTC previously considered EPIC’s recommendations in an early review of the COPPA Rule and incorporated several of EPIC’s recommendations in the 2013 regulations. Recently, EPIC filed comments in response to the FTC’s rulemaking on commercial surveillance, arguing for regulations that would prevent harmful dark patterns and safeguard the privacy of minors. EPIC argued that is an unfair practice to use dark patterns to nudge consumers to accept certain conditions or terms, noting that “Dark patterns are prevalent, harmful practices that undermine a consumer’s autonomy and manipulate them to their detriment.” EPIC also highlighted the unique vulnerabilities of minors to the damaging effects of commercial surveillance systems.

Continue reading

I’m writing this as an expansion of JWR’s article posted on December 8, 2022. As he noted, many office jobs can now be done from home.

This article is about how I got started in my career in Infomation Technology (IT). While bumpy at times, IT has really paid off for me financially. I hope that my article will inspire some readers to follow a similar path, which may allow them to escape the dysfunctional cities. For those who are already living in rural America, read on to find out about another way to earn income.

I got started in IT four years ago when I was working in a non-sworn capacity for a large municipal law enforcement agency in California. After I decided that I didn’t have the desire or the right personality to become sworn, I started looking for another path.

One of my cousins, who is now the president of a managed-services provider on the East Coast, suggested that I obtain the CompTIA A+ certificate. The Computer Technology Industry Association (CompTIA) A+ is the gateway certificate to many other IT career paths, such as networking and security. The certificate I just passed is CompTIA Data+. If you want to start at the very beginning — if you know absolutely nothing about computers, or you’re not sure if a career in IT is right for you – then get the CompTIA IT Fundamentals certificate.

I took a leave of absence from the agency to study for the exam. I passed on the first try. It took a few months to get my first IT job. My first IT job, which paid about the same as my job with that law enforcement agency, consisted mainly of imaging computers. Imaging is when a suite of programs is put together on an operating system (usually Windows 10 or 11) in a custom manner for a company and then installed on computers to be used by that company. The image was put on the warehouse server and we imaged about 30-50 computers at a time. We also put asset tags on the computers – these are stickers which say “Property of…” and a serial number.

Some months later, that company was bought out. Things were looking squirrely; I was worried that I might be laid off. Then a recruiter called me to ask if I wanted a job that paid more at another company which was a little farther from home. I grumbled about the extra driving, so he quickly added an extra $3 per hour to my wage. My base wage at this company, the one I work for now, was equal to the overtime wage at the previous job and at the law enforcement agency. That’s when CompTIA A+ paid off for me!! I started by helping users in person at the company office.

A few months after I started with my current company, the Covid crisis broke out. Those…

Continue reading

In a letter to Federal Trade Commission (FTC) Chair Lina Khan, Sen. Ron Wyden revealed that Neustar, which provides recursive Domain Name System (DNS) services, sold consumers’ sensitive internet metadata to researchers funded by the Department of Defense. According to Sen. Wyden’s letter, U.S. federal agencies, including the FBI and DOJ, asked the Georgia Tech researchers to run specific queries on the data and share those findings with the government. In his letter, Sen. Wyden requested that the FTC investigate whether Neustar violated the FTC Act by failing to adequately notify its consumers that Neustar was selling their data.

EPIC has a particular interest in protecting consumer privacy and has played a leading role in developing the authority of the FTC to safeguard the privacy rights of consumers. In November, EPIC submitted comments in response to the FTC’s Advance Notice of Proposed Rulemaking regarding a Trade Regulation Rule on Commercial Surveillance and Data Security. In its comments, EPIC called for the FTC to prohibit out-of-context secondary uses of consumer data, including the growing practice of data brokers providing consumer data to government agencies without a warrant.

Continue reading

The existence of iCOP has raised concerns among privacy advocates and USPS was swiftly inundated with lawsuits from the Electronic Frontier Foundation (EFF), Judicial Watch, the Electronic Privacy Information Center (EPIC), and the James Madison Project over the program.

An inspector general report was subsequently conducted and released in March which found that iCOP did not have the legal authority to conduct mass surveillance of American protestors and others and that it had “exceeded the Postal Inspection Service’s law enforcement authority.”

Read the full article here.

Continue reading

Livestock Options for Meat on a Homestead | Homesteading Simple Self Sufficient Off-The-Grid | Homesteading.com <![CDATA[ window._wpemojiSettings = {"baseUrl":"https://s.w.org/images/core/emoji/14.0.0/72×72/","ext":".png","svgUrl":"https://s.w.org/images/core/emoji/14.0.0/svg/","svgExt":".svg","source":{"concatemoji":"https://homesteading.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1"}}; /*! This file is auto-generated */ !function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.getContext&&i.getContext("2d");function s(e,t){var a=String.fromCharCode,e=(p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,e),0,0),i.toDataURL());return p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,t),0,0),e===i.toDataURL()}function c(e){var t=a.createElement("script");t.src=e,t.defer=t.type="text/javascript",a.getElementsByTagName("head")[0].appendChild(t)}for(o=Array("flag","emoji"),t.supports={everything:!0,everythingExceptFlag:!0},r=0;r tallest) { tallest = thisHeight; } }); group.height(tallest); } equalHeight($(“.dg-grid-shortcode .dg_grid-shortcode-col”)); $(window).resize(function() { equalHeight($(“.dg-grid-shortcode .dg_grid-shortcode-col”)); }); }); ]]>

Continue reading here