This analysis is an in-depth look at the January 2017 Executive Order 13768, Enhancing Public Safety in the Interior of the United States, and its interaction with two laws, the Privacy Act of 1974 and the Judicial Redress Act of 2015. Regardless of the reasons underlying why the order was written, a key question this analysis considers is if the order damages the EU-US Privacy Shield agreement, and what that means.
On Christmas Eve, the US National Security Agency (NSA) declassified and released 12 years of reports outlining compliance violations that were submitted to the NSA Intelligence Oversight Committee. The reports, which are required by law, had previously been classified and were the subject of a legal battle between the ACLU and the government. Although heavily redacted, the reports the NSA released of are vital interest to the public because they reveal a pattern of significant privacy violations and in some cases serious abuses in granular detail.
An important report came out today from the Privacy and Civil Liberties Oversight Board, the board that was appointed to be a privacy watchdog for the US government surveillance programs. The newly released report covers PRISM and other Section 702 surveillance programs conducted under the US Foreign Intelligence Surveillance Act. The report is complex, and provides important benchmarking on how PRISM and “upstream” surveillance programs work. The report’s recommendations, however, are what have proven to be more controversial.
This request is for a copy of every annual report made by the Department of Justice under this provision of Executive Order 13181. We prefer to have the copies in a widely available electronic format, such as a PDF file or a Word document. Having an electronic format will facilitate the posting of the reports on the World Privacy Forum’s website at www.worldprivacyforum.org. We note this is our second request for this report. Our first request was made November 29, 2007. The DOJ responded to our 2007 FOIA by saying the annual report could not be located.
This section reviews several other privacy self-regulatory activities that share some characteristics with the industry self-regulatory programs discussed above, but these activities differ in various ways. The most noticeable differences are the role of the government in the programs. The Department of Commerce is involved in the Safe Harbor Framework, and the Federal Trade Commission is involved in the Children’s Online Privacy Protection Act.