California Governor Jerry Brown recently signed two modern privacy laws, including a first in the nation law governing the security of the Internet of Things. SB327 sets baseline security standards for IoT devices. EPIC recently submitted comments to the Consumer Product Safety Commission recommending similar action. Governor Brown also signed a bill banning anonymous bots. The law makes it illegal to use a bot, or automated account, to mislead California residents or communicate without disclosing the identity of the actual operator. EPIC President Marc Rotenberg had earlier proposed that Asimov's Laws of Robotics be updated to require that robots reveal the basis of their decisions (Algorithmic Transparency) and that robots reveal their actual identity.
The Department of Homeland Security and FCC have rescheduled a controversial test that allows the President to suspend cell phone service and communicate directly with cell phone subscribers in the United States. The test message header is labelled "Presidential Alert" and will include the following text "THIS IS A TEST of the National Wireless Emergency Alert System. No action is needed." Cell phone users cannot opt out of the test. The President has sole authority to determine when the alert will be activated. The test will use the same special tone and vibration as with alerts for Tornado Warnings and AMBER Alerts. It is unclear why the alert is designated a "Presidential Alert" or when it may be issued. In 2006, the Department of Homeland Security established a secret procedure - "SOP 303" - to suspend cell phone services. EPIC sued the agency after government officials disabled wireless service during a peaceful protest at a San Francisco metro station in 2011.
An Inspector General report has found that a federal agency failed to establish privacy safeguards for sensitive drone communications. Custom and Border Control did not complete a privacy threshold analysis and sidestepped review by the agency privacy office. According to the IG report, the CBP also collected and stored surveillance data that "remained unprotected for more than 2 years." Through a Freedom of Information Act lawsuit, EPIC obtained a related CBP directive on Unmanned Aircraft System Operations and Privacy. In a recent statement to Congress, EPIC highlighted the unique threat drones pose to privacy and said that the Congress should "establish drone privacy safeguards that limit the risk of public surveillance" before granting new authority to federal agencies.
