Focusing public attention on emerging privacy and civil liberties issues

EPIC v. ODNI

Top News

  • Supreme Court Upholds Residents-Only Provision in Virginia Open Records Law: The Supreme Court ruled today that Virginia's freedom of information law, which allows only Virginia residents to pursue open government requests, does not violate the U.S. Constitution. Petitioners argued that the law impermissibly burdened out-of-state residents ability to provide open records services to clients, to purchase and transfer Virginia property, to access Virginia court proceedings, and to access important public information. But the Court found in McBurney v. Young that the majority of state records were available to non-residents in some form and that there was no fundamental "right to access public information" at the time the Constitution was adopted. EPIC and other open government groups filed a amicus brief arguing that residents-only provisions limit public access to information necessary for political advocacy. In 2008, EPIC obtained documents from Virginia revealing an agreement to limit oversight of a state fusion center. For more information, see EPIC: McBurney v. Young and EPIC v. Virginia Department of State Police: Fusion Center Secrecy Bill. (Apr. 29, 2013)
  • Senate Report Finds Fusion Centers "Wasteful," Likely Violate Federal Privacy Laws: A Senate Investigations Committee has released a new report on "State and Local Fusion Centers", government data warehouses that store an enormous amount of information on Americans. The Senate report found that Fusion Centers, operated by the Department of Homeland Security, "often produced irrelevant, useless or inappropriate intelligence" and stored records on U.S. persons, "possibly in violation of the Privacy Act." In 2007, EPIC's "Spotlight on Surveillance" warned that Fusion Centers would lead to "abuse and misuse." In subsequent FOIA cases, and comments to the DHS, EPIC helped document the many problems with the federal Fusion Center program, including lack of oversight and ineffective privacy safeguards. For more information, see EPIC: Information Fusion Centers and Privacy and EPIC: EPIC v. Virginia Department of State Police: Fusion Center Secrecy Bill. (Oct. 3, 2012)
  • EPIC and Others Ask Supreme Court to Review Controversial State FOI Law: EPIC, and several other leading open government organizations, have filed an amicus brief in support of a petition for Supreme Court review challenging the Virginia Freedom of Information law, which allows only Virginia residents and news media representatives to access state public records. The amicus brief argues that Virginia's "citizens-only" provision is constitutionally impermissible as it unecessarily burdens the rights of individuals and organizations outside of Virginia. This case is of particular interest to EPIC because state FOI laws are often necessary for oversight of new surveiilance programs. In 2008, EPIC brought a successful FOIA lawsuit in Virginia and obtained documents revealing an agreement to limit oversight of a State Fusion Center. For more information, see EPIC: v Virginia Department of State Police: Fusion Center Secrecy Bill. (Aug. 30, 2012)
  • 2013 Federal Budget Limits Body Scanners, But Expands Domestic Surveillance: According to White House budget documents and the Congressional Testimony of Secretary Napolitano, DHS will not purchase any new airport body scanners in 2013. However, the agency will expand a wide range of programs for monitoring and tracking individuals within the United States. This includes the development of biometric identification techniques for programs such as Secure Communities. DHS will also seek funding for "Einstein 3," a network intrusion detection program that enables surveillance of private networks. EPIC has urged the DHS to comply with the requirements of the federal Privacy Act, and is currently pursuing several Freedom of Information Act lawsuits against the agency. For more information see, EPIC - Body Scanners and Radiation Risks, EPIC - E-Verify, EPIC - Secure Communities, EPIC - Fusion Centers, EPIC - Drones, EPIC - Cybersecurity, EPIC - Secure Flight. (Feb. 20, 2012)
  • White House Budget Funds Surveillance, Ignores Public Concerns: The White House Office of Management and Budget has released the federal budget for fiscal year 2012. The stated goal of the budget is to reduce the national deficit by eliminating wasteful programs. However, the budget proposal includes funding for 275 airport body scanners, which EPIC has called "invasive, unlawful, and ineffective." There is funding for federal "fusion centers," widely viewed as unregulated government databases that are used to track people suspected of new crime. The White House budget proposes expansion of the “Secure Communities” program, which has been the target of harsh criticism by civil liberties groups. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Information Fusion Centers and Privacy. (Feb. 18, 2011)
  • EPIC Reminds DHS that "Fusion Centers" are Subject to the Federal Privacy Act: EPIC has submitted comments [1], [2] to two departments in the Department of Homeland Security concerning the establishment of federal "fusion centers" that would contained detailed personal information on US citizens. The Department of Homeland Security is seeking to exempt these databases from key protections in the Privacy Act. EPIC said that the Department must comply with Privacy Act requirements. The Media Freedom and Information Access Practicum Information Society Project at Yale Law Law School has also submitted comments on the DHS plan. For more information, see EPIC: Information Fusion Centers and Privacy, EPIC: Total Information Awareness, and EPIC v. Virginia Department of State Police (Fusion Center Secrecy Bill). (Dec. 16, 2010)
  • Public Comments Sought on Federal "Fusion Centers": The National Protection and Programs Directorate (NPPD) [1] [2] and the Office of Operations [1] [2] at the Department of Homeland Security are seeking comments on Fusion centers, intelligence databases that have raised substantial privacy concerns. Information in fusion centers comes from many sources, including government agencies, private sector firms and anonymous tipsters. EPIC has urged Congress to improve accountability and oversight of this program. An EPIC FOIA lawsuit also revealed that federal Fusion Centers undermine state privacy and open government laws. Comments are due December 15, 2010. For More Information, see EPIC: Information Fusion Centers and Privacy, EPIC: Total Information Awareness, and EPIC v. Virginia Department of State Police (Fusion Center Secrecy Bill). (Dec. 3, 2010)
  • DHS Privacy Office Releases 2010 Annual Report: The Department of Homeland Security has released the Privacy Office 2010 Annual Report. The Agency's Chief Privacy Officer must prepare an annual report to Congress that details activities of the Department that affect privacy, including complaints of privacy violations, and DHS compliance with the Privacy Act of 1974. This year’s report details the establishment of privacy officers within each component of the Agency. The report also provides updates on Fusion Centers, Cybersecurity, and Cloud Computing activities of the agency. For more information, see EPIC: DHS Privacy Office. (Sep. 24, 2010)
  • Congressional Committee Investigating Privacy Office at Homeland Security, Acknowledges Privacy Coalition Letter: House Homeland Security Committee Chairman Bennie Thompson has responded to the Privacy Coalition letter regarding the Chief Privacy Officer of the Department of Homeland Security. Chairman Thompson said that "the Committee is in the process of reviewing the programs outlined" in the letter, and thanked the Coalition for bringing the issues to the attention of the committee. He further stated that the Committee "will continue to examine the Department's programs and policies and vigorously address privacy concerns and issues." For more information, see EPIC DHS Privacy Office and Privacy Coalition. (Nov. 12, 2009)
  • Privacy Coalition Seeks Investigation of DHS Chief Privacy Office: EPIC joined the Privacy Coalition letter sent to the House Committee on Homeland Security urging them to investigate the Department of Homeland Security's (DHS) Chief Privacy Office. DHS is unrivaled in its authority to develop and deploy new systems of surveillance. The letter cited DHS use of Fusion Center, Whole Body Imaging, funding of CCTV Surveillance, and Suspicionless Electronic Border Searches as examples of where the agency is eroding privacy protections.  EPIC Fusion Centers, EPIC Whole Body Imaging, and EPIC CCTV. (Oct. 23, 2009)

Background

ODNI

EPIC has filed a Freedom of Information Act lawsuit against the Office of the Director of National Intelligence (ODNI), seeking documents related to the collection and integration of detailed personal information of US persons from databases at various levels of government. The ODNI is the top intelligence agency in the US, coordinating the activities of agencies including the CIA, the FBI, and the DHS.

NCTC

ODNI operates and maintains the National Counterterrorism Center (NCTC), a facility comprising an integrated network of electronic databases. The NCTC was established in August 2004 by Presidential Executive Order 13354, and codified by the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA). On its website, the NCTC describes its mission and purpose as "implement[ing] a key recommendation of the 9/11 Commission: 'Breaking the older mold of national government organizations, this NCTC should be a center for joint operational planning and joint intelligence, staffed by personnel from the various agencies.'" NCTC serves as the primary organization in the United States that gathers, integrates, and analyzes all counterintelligence information. It gathers this information from "all instruments of national power, including diplomatic, financial, military, intelligence, homeland security, and law enforcement to ensure unity of effort. NCTC ensures effective integration of CT plans and synchronization of operations across more than 20 government departments and agencies engaged in the War on Terror, through a single and truly joint planning process." The procedures and policies governing the NCTC's collection, storage, and use of data are outlined in a set of Guidelines ("Guidelines for Access, Retention, Use, and Dissemination by the National Counterterrorism Center (NCTC)") published by the ODNI. In March 2012, Attorney General Eric Holder approved an updated set of revised Guidelines, which expanded the NCTC's data collection and storage capabilities. Under the revised guidelines, the detailed personal information that will populate the integrated ODNI databases will be amassed from across the federal government. The data then will be kept for up to five years without the legal safeguards typically in place for personal data held by government agencies.

EPIC's FOIA Request

On March 22, 2012, the New York Times published an article describing the implementation of the Guidelines. The Times reported that not only would the new guidelines permit the NCTC to copy other agencies' databases in their entirety, but they also establish a "priority list" of agencies who data the NCTC intends to copy first. After the Guidelines' publication, EPIC filed several FOIA requests, seeking documents identifying both "priority" databases and any procedural safeguards in place to ensure accuracy and data security.

EPIC requested documents related to (1) the "priority list" of databases discussed in the NTCT Guidelines, (2) data accuracy and security safeguards, (3) agreements and disputes between ODNI and agency heads, and (4) interpretations of key standards used to identify "terrorism information."

After the ODNI failed to make a timely response to EPIC's FOIA requests, EPIC filed suit in the Washington, DC District Court. EPIC's complaint demands that ODNI conduct a reasonable search and promptly disclose responsive records.

FOIA Documents

Litigation Documents

EPIC's Complaint, August 1, 2012

ODNI's Answer, October 1, 2012

Joint Status Report and Proposed Schedule, October 15, 2012

Defendant's Motion for Summary Judgment, May 10, 2013

Plaintiff's Opposition and Cross-Motion for Summary Judgment, June 14, 2013

Defendant's Motion to Strike, June 28, 2013

Defendant's Reply and Opposition to Cross-Motion for Summary Judgment, June 28, 2013

Plaintiff's Reply, July 12, 2013

Documents Produced

Court's Opinion, October 9, 2013

Resources

EPIC's Press Release, August 2, 2012

Congressional Hearing by the Subcommittee on Oversight of Government Management, the Federal Workforce and the District of Columbia: "State of Federal Privacy and Data Security Law: Lagging Behind the Times?", July 31, 2012

The March 2012 NCTC Guidelines, March 23, 2012

The previous NCTC Guidelines, November 4, 2008

News Reports

Darlene Storm, Is US intelligence so big that counterterrorism is failing? 'Yes' say insiders, Computer World (Oct. 7, 2013)

Michael Kelley, The Paradox Of The 'War on Terror', Business Insider (Oct. 1, 2013)

Washington's Blog, “The President’s Private Army“: NSA-CIA Spying is Central to Carrying Out the Obama Administration’s Assassination Program, Global Research (Sep. 29, 2013)

Matt Sledge, National Counterterrorism Center's 'Terrorist Information' Rules Outlined In Document, Huffington Post (Feb. 15, 2013)

Kashmir Hill, The Little Known Spy Agency That Knows Your Flight Plans And Much More, Forbes (Dec. 14, 2012)

Michael Kelley, CONFIRMED: US Counterterrorism Agency Can Amass Data On Any Citizen, Business Insider (Dec. 13, 2012)

Kim Zetter, Attorney General Secretly Granted Gov. Ability to Develop and Store Dossiers on Innocent Americans, Wired (Dec. 13, 2012)

Julia Angwin, U.S. Terrorism Agency to Tap a Vast Database of Citizens , Wall Street Journal (Dec. 13, 2012)

Julia Angwin, The NCTC Controversy: a Timeline, Wall Street Journal Blog (Dec. 12, 2012)

Robert Chesney, Kill Lists, the Disposition Matrix, and the Permanent War: Thoughts on the Post Article, Lawfare (Oct. 24, 2012)

Greg Miller, Plan for hunting terrorists signals U.S. intends to keep adding names to kill lists, Washington Post (Oct. 23, 2012)

Bob Unruh, Setback for secret Big Brother database, World Net Weekly (Oct. 19, 2012)

Michael Kelley, If You Think The Counterterrorism Center's Disposition Matrix Is Scary, Look What Else They're Tracking, Business Insider (Mar. 25, 2012)

Charlie Savage, U.S. Relaxes Limits on Use of Data in Terror Analysis, The New York Times (Mar. 22, 2012)

Robert Chesney, The CIA’s Counterterrorism Center as a Combatant Command: Today’s Story in the Post and My Forthcoming Article on the Legal Aspects of Military-Intelligence Convergence, Lawfare (Sep. 2, 2011)

Greg Miller and Julie Tate, CIA shifts focus to killing targets, Washington Post (Sep. 1, 2011)

Dana Priest and William M. Arkin, A hidden world, growing beyond control, Washington Post (Jul. 19, 2010)