A federal appeals court ruled today that an amendment to the federal robocall ban is unconstitutional. The Telephone Consumer Protection Act prohibits automated calls to cell phones, except in emergencies or with the consent of the called party. But in 2015 Congress created an exception for calls made to collect debts guaranteed by the federal government. The court in AAPC v. FCC found that the debt-collection exemption "undercuts" the privacy protections in the law. So the court found the exception unconstitutional and struck it from the law. EPIC filed a "friend of the court" brief in Gallion v. Charter Communications, a similar case in the Ninth Circuit, arguing that "the TCPA prohibitions are needed now more than ever." EPIC has testified in support of the TCPA and has submitted extensive comments and amicus briefs on the consumer privacy law.
After soliciting public comments, the Federal Trade Commission has renewed the CAN-SPAM Rule (Controlling the Assault of Non-Solicited Pornography and Marketing). The FTC rule requires subject-line labeling of commercial emails containing sexually explicit material. The rule also clarifies that a recipient of unwanted emails may not be required to pay a fee, provide additional information or take any steps beyond sending an email or visiting a web page to opt out. In confirming the final rule, the agency specifically referenced EPIC's comments in support of the rule: "For example, the Electronic Privacy Information Center ('EPIC'), a consumer advocacy group, asserted that, '[w]hile the volume of spam is lower than it was just a few years ago, the need for the Rule continues.'" EPIC continues to push the FTC to safeguard consumer privacy with the Enforce the Order campaign, urging the agency to act against Facebook.
An EPIC Freedom of Information Act request has revealed that the Census Bureau obtains vast quantities of noncitizens' personal data from the Department of Homeland Security without having first conducted a required Privacy Impact Assessment. Under a written agreement disclosed to EPIC, the DHS transfers the "Legal Permanent Resident File" to the Bureau each year, which includes citizenship, immigration status, marital status, and other sensitive personal information. Yet the Census Bureau conducted no analysis of the privacy risks and failed to describe the personal data gathered. In EPIC v. Commerce, EPIC has charged that the Census Bureau failed to complete required Privacy Impact Assessments prior to adding the citizenship question to the 2020 Census. The Bureau concedes that it must complete the impact assessments but has so far failed to do so. EPIC's motion to halt the citizenship question will be argued before the D.C. Circuit on May 8.
