The Federal Trade Commission will review EPIC's March 17, 2009 complaint, which describes Google's unfair and deceptive business practices concerning the firm's Cloud Computing Services. EPIC's complaint describes numerous data breaches involving user-generated information stored by Google, including the recently reported breach of Google Docs. EPIC's complaint "raises a number of concerns about the privacy and security of information collected from consumers online," federal regulators said. EPIC urged the Commission to take "such measures as are necessary" to ensure the safety and security of information submitted to Google. Previous EPIC complaints have led the Commission to order Microsoft to revise the security standards for Passport and to require Choicepoint to change its business practices and pay $15 m in fines.
Federal Trade Commission to Review EPIC Cloud Computing Complaint, EPIC.org, March 17, 2009
EPIC filed a complaint with the Federal Trade Commission seeking an investigation into Google's Cloud Computing Services -- including Gmail, Google Docs, and Picasa -- to determine "the adequacy of the privacy and security safeguards." The petition follows the recent report of a breach of Google Docs. EPIC cited the growing dependence of American consumers, businesses, and federal agencies on cloud computing services, and urged the Commission to take "such measures as are necessary" to ensure the safety and security of information submitted to Google.
FTC Asked to Investigate Google's Privacy Breaches, Chloe Albanesius, PC World, March 18, 2009
Rod Beckstrom, Director of the National Cybersecurity Center, has resigned. In a letter to Homeland Security Secretary Janet Napolitano, Beckstrom warned of the increasing role of the National Security Agency in domestic security. The "intelligence culture is very different than a network operation or security culture... the threats to our democratic processes are significant if all top government network and monitoring are handled by any one organization... we have been unwilling to subjugate the NSCS under the NSA," wrote the former NCSC Director. The announcement follows Congressional testimony from the new Director of National Intelligence that the NSA should be responsible for network security. EPIC has long maintained that the NSA, though it plays a vital role in gathering foreign intelligence, should not be the lead agency for domestic network security because it also engages in
extensive and unregulated spying. See EPIC Computer Security Act of 1987.
National cybersecurity director resigns; cites roadblocks, USA Today, March 9, 2009
Fourteen members of the Privacy Coalition joined a letter in support of the nomination of Robert Ellis Smith, Pam Dixon, Dr. Deborah Peel, and Dr. Latanya Sweeney to serve on the Health Information Technology (HIT) Policy Committee. The announcement for the HIT Policy Committee was made in the Federal Register on February 25, with March 6, set as the deadline for nominations. The HIT Policy Committee will make recommendations on the implementation of a nationwide health information technology infrastructure to the National Coordinator for Health Information Technology.
Attorney General Eric Holder announced that the Department of Justice will make public memos and opinions concerning warrantless surveillance, and other controversial claims of Presidential authority, that were prepared in the wake of 9/11. The documents describe the basis for President Bush's domestic surveillance program. After learning of the warrantless wiretap program, EPIC sued the Department of Justice under the Freedom of Information Act to compel disclosure of legal memos concerning the program. Government lawyers subsequently disavowed the justifications for the warrantless surveillance. The National Security Agency's Warrantless Surveillance Program was based on Office of Legal Council memos and opinions.