Yahoo has announced that the personal data of at least 500 million users was breached in late 2014. The breach included users’ names, email addresses, telephone numbers, dates of birth, passwords and security questions and answers. For many years, EPIC has urged the Administration and Congress to promote Privacy Enhancing Techniques that minimize or eliminate the collection of personally identifiable information. This year EPIC launched “Data Protection 2016,” a non-partisan campaign to make data protection an issue in the 2016 election, calling it “the most important, least well understood issue” of this election.
More than a dozen US consumer organizations have asked the Federal Trade Commission to pursue the complaint EPIC and the Center for Digital Democracy filed about WhatsApp’s plan to transfer user data to Facebook. The EPIC-CDD complaint said that the changes to WhatsApp contradict promises to users that personal information would not be used for marketing purposes. The FTC has said "When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises." The FTC responded that it would “carefully review” EPIC’s complaint. The consumer coalition letter urges the Commission to “fulfill its duty to protect consumer privacy, and to investigate and enjoin WhatsApp and Facebook’s proposed change in business practices.”
A federal judge has ordered the public release of 235 sealed records of government surveillance in response to a request from a journalist. EPIC has urged greater transparency of these "pen register and trap and trace" orders. As a result of a Freedom of Information Act lawsuit against the Justice Department, EPIC v. DOJ, EPIC made public formerly secret documents about the government’s use of pen registers to collect the records of private communications.
