not familiar with epic, just received this don’t see social media addiction in the email body, confused, maybe missing it somehow
---------- Forwarded message --------- From: EPIC Alert <[email protected]> Date: Thu, Oct 31, 2024 at 09:14 Subject: OpenAI complaint, tenant screening lawsuit, social media addiction litigation analysis, and more To: <[email protected]> In a complaint, EPIC called on the Federal Trade Commission to investigate OpenAI [image: EPIC Alert] *Issue 31.10**October 31, 2024* Top Updates - In a complaint, EPIC called on the Federal Trade Commission to investigate OpenAI for failing to meet established public policy standards for responsible AI use and development, offering products with unsafe security, privacy, and business practices, perpetuating unfair and deceptive practices in their product development and release, and causing significant consumer harm. ➔ <https://epic.org/press-release-epic-files-complaint-urging-the-ftc-to-investigate-openais-gpts-and-third-party-apis/> - EPIC Counsel Suzanne Bernstein testified before the DC Council Committee on Health on Oct. 17 in support of Bill 25-0930, the Consumer Health Information Privacy Protection Act. ➔ <https://epic.org/epic-testifies-in-support-of-dc-consumer-health-information-privacy-protection-act/> - EPIC and the National Association of Consumer Advocates have filed suit against tenant screening company RentGrow for unfair and deceptive practices tied to its automated tenant screening reports. ➔ <https://epic.org/press-release-epic-and-consumer-advocates-sue-tenant-screening-company-for-unfair-and-deceptive-algorithmic-practices/> Analysis from EPIC [image: Privacy laws illustration] *Featured Post:* *In Anderson v. TikTok, the ThirdCircuit Applies Questionable First Amendment Reasoning to Arrive at theCorrect Section 230 Outcome* <https://epic.org/in-anderson-v-tiktok-the-third-circuit-applies-questionable-first-amendment-reasoning-to-arrive-at-the-correct-section-230-outcome/> *Tom McBrien, EPIC Counsel* On August 27, the Third Circuit issued a decision in *Anderson v. TikTok*, an important case at the intersection of online platform accountability, Section 230, and the First Amendment. The case centered around the question of whether TikTok could invoke Section 230 of the Communications Decency Act to dismiss a lawsuit claiming that TikTok’s recommendation algorithm played a role in a child user’s accidental suicide. The opinion correctly held that Section 230 did not bar the claims to the extent that they alleged TikTok’s own algorithmic design caused the tragic circumstances, but it arrived at its decision through a questionable First Amendment analysis instead of careful Section 230 reasoning. TikTok is now asking the entire Third Circuit to re-hear the case and overturn the initial ruling. *More EPIC Analysis:* <https://epic.org/success-of-fccs-iot-cyber-trust-mark-depends-upon-meaningful-standards-transparency-and-accountability/> *California Legislative Session Roundup: Which Key Privacy and AI Bills Were Enacted and Which Were Vetoed?* <https://epic.org/california-legislative-session-roundup-which-key-privacy-and-ai-bills-were-enacted-and-which-were-vetoed/> *Kara Williams,* *EPIC Law Fellow* News *Consumer Privacy* *CFPB Finalizes Strong Personal Financial Data Rights Rule with Data Minimization Requirements* <https://epic.org/cfpb-finalizes-strong-personal-financial-data-rights-rule-with-data-minimization-requirements/> The Consumer Financial Protection Bureau has finalized new regulations to implement Section 1033 of the Dodd-Frank Act. The rule promotes financial inclusion and lays down some of the strongest consumer privacy protections in federal law. The new rule gives consumers more control over their own financial information, empowering individuals to access their financial information and share it with other financial institutions and third-party financial services providers. The rule also features robust data protection requirements for third parties authorized by a consumer to access their financial information, including data minimization obligations, limits on secondary uses of personal data, and data security standards. <https://epic.org/fcc-requires-t-mobile-to-implement-some-data-minimization-and-zero-trust-architecture/> *EPIC, NCLC and 24 Organizations Urge FCC to Protect Consumer Privacy and Security in Implementing AI Robocall Mitigation Tools* <https://epic.org/epic-nclc-and-24-organizations-urge-fcc-to-protect-consumer-privacy-and-security-in-implementing-ai-robocall-mitigation-tools/> EPIC joined the National Consumer Law Center (NCLC) and 24 other organizations in strongly urging the Federal Communications Commission to preserve consumer privacy while it considers new solutions to prevent unwanted robocalls and scam calls in light of the prevalence of AI. *FCC Requires T-Mobile to Implement Some Data Minimization and Zero-Trust Architecture* <https://epic.org/fcc-requires-t-mobile-to-implement-some-data-minimization-and-zero-trust-architecture/> The Federal Communications Commission has entered into a consent decree with T-Mobile for multiple data breaches from 2021 to 2023, requiring the company to pay fines, modernize its information security practices, and implement data minimization practices and zero trust architecture. The breaches caused a variety of customer proprietary network information and personal information to be exposed. <https://epic.org/epic-urges-cfpb-to-grant-petition-addressing-coerced-debt/> *EPIC Urges CFPB to Grant Petition Addressing Coerced Debt* <https://epic.org/epic-urges-cfpb-to-grant-petition-addressing-coerced-debt/> EPIC filed a letter comment with the Consumer Financial Protection Bureau in support of a petition by the National Consumer Law Center and the Center for Survivor Agency and Justice urging the CFPB to open a Fair Credit Reporting Act rulemaking to address issues of coerced debt. Surveillance Oversight *EPIC Urges CBP to Pause its Expansion of Facial Recognition at the Border* <https://epic.org/epic-urges-cbp-to-pause-its-expansion-of-facial-recognition-at-the-border/> EPIC submitted comments to U.S. Customs & Border Patrol urging it to refrain from expanding the use of facial recognition technology as part of its Biometric Entry-Exit Program. The proposed expansion would deploy facial recognition to identify individuals in moving vehicles crossing the border. Travelers in an estimated 2 million vehicles are expected to be captured by the technology. <https://epic.org/epic-coalition-offer-recommendations-to-strengthen-surveillance-technology-export-regulations/> *EPIC, Coalition Offer Recommendations to Strengthen Surveillance Technology Export Regulations* <https://epic.org/epic-coalition-offer-recommendations-to-strengthen-surveillance-technology-export-regulations/> EPIC joined several other organizations in comments on the U.S. Commerce Department’s proposed rule to strengthen surveillance technology export regulations. The proposed rule would help limit the proliferation of surveillance technologies “used in the facilitation of human rights violations and/or abuses.” As the coalition noted, human rights violations “close democratic space, harm the ability of human rights defenders and journalists to do their work, and undermine U.S. national security and foreign policy objectives.” <https://epic.org/epic-coalition-demand-estimate-of-u-s-persons-communications-incidentally-collected-under-fisa-section-702/> *EPIC, Coalition Demand Estimate of U.S. Persons’ Communications Incidentally Collected Under FISA Section 702* <https://epic.org/epic-coalition-demand-estimate-of-u-s-persons-communications-incidentally-collected-under-fisa-section-702/> In a letter to the Director of National Intelligence and the Director of the National Security Agency, a coalition of civil society organizations demanded the intelligence community publish the previously promised estimate of the number of U.S. persons’ communications collected “incidentally” under Section 702 of the Foreign Intelligence Surveillance Act. As the coalition notes, “this information has been requested by legislators since at least 2011, and by civil society organizations since at least 2015.” <https://epic.org/epic-and-aclu-encourage-nist-to-advance-privacy-and-equity-in-digital-identity-guidelines/> *EPIC and ACLU Encourage NIST to Advance Privacy and Equity in Digital Identity Guidelines* <https://epic.org/epic-and-aclu-encourage-nist-to-advance-privacy-and-equity-in-digital-identity-guidelines/> EPIC and the ACLU submitted joint comments urging the National Institute of Standards and Technology (NIST) to center equity, accessibility, and privacy in the Second Draft of its Digital Identity Guidelines. In addition to echoing our previous comments on the First Draft, EPIC and ACLU recommended that NIST’s Digital Identity Guidelines (1) refocus fraud management guidance around large-scale, organized fraud schemes, (2) depreciate services that rely on third-party providers or foster second-order risks within the private sector, (3) strengthen the Guidelines to promote greater equity, (4) further emphasize anonymous and pseudonymous authorization mechanisms, and (5) rethink the user groups model. AI & Human Rights *EPIC Files Complaint Urging the FTC to Investigate OpenAI’s GPTs and Third-Party APIs* <https://epic.org/press-release-epic-files-complaint-urging-the-ftc-to-investigate-openais-gpts-and-third-party-apis/> In a complaint, EPIC called on the Federal Trade Commission to investigate OpenAI for failing to meet established public policy standards for responsible AI use and development, offering products with unsafe security, privacy, and business practices, perpetuating unfair and deceptive practices in their product development and release, and causing significant consumer harm. <https://epic.org/white-house-publishes-memorandum-and-framework-for-governing-the-use-of-ai-in-national-security/> *White House Publishes Memorandum and Framework for Governing the Use of AI in National Security* <https://epic.org/white-house-publishes-memorandum-and-framework-for-governing-the-use-of-ai-in-national-security/> The Biden-Harris Administration issued a “Memorandum on Advancing the United States’ Leadership in Artificial Intelligence; Harnessing Artificial Intelligence to Fulfill National Security Objectives; and Fostering the Safety, Security, and Trustworthiness of Artificial Intelligence.” The memo fills a specific requirement of Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, which required a National Security Memorandum to be developed on the use of AI in national security systems. <https://epic.org/omb-finalizes-guidance-on-federal-government-ai-procurement/> *OMB Finalizes Guidance on Federal Government AI Procurement* <https://epic.org/omb-finalizes-guidance-on-federal-government-ai-procurement/> The Office of Management and Budget (OMB) released its final guidance on the federal government’s procurement of AI. The guidance comes after President Biden’s Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence tasked OMB with providing initial guidance on the matter, and follows OMB’s previous guidance on federal government use of AI, published in May. <https://epic.org/press-release-epic-and-consumer-advocates-sue-tenant-screening-company-for-unfair-and-deceptive-algorithmic-practices/> *EPIC and Consumer Advocates Sue Tenant Screening Company for Unfair and Deceptive Algorithmic Practices* <https://epic.org/press-release-epic-and-consumer-advocates-sue-tenant-screening-company-for-unfair-and-deceptive-algorithmic-practices/> EPIC and the National Association of Consumer Advocates have filed suit against tenant screening company, RentGrow, for unfair and deceptive practices tied to their automated tenant screening reports. The lawsuit, brought under the D.C. Consumer Protection Procedures Act, alleges that RentGrow automatically generates tenant screening reports that contain serious errors and biases. These errors and biases can cause consumers across the District—most often those from marginalized populations—to lose out on housing opportunities through no fault of their own. Worse still, the complaint alleges that RentGrow neither vets the third-party information it uses to generate tenant screening reports nor monitors its services for errors and biases that could harm consumers. Platform Accountability and Governance *EPIC Urges NY Attorney General To Center Data Minimization and Age Determination Best Practices in Rulemaking for NY SAFE for Kids Act* <https://epic.org/epic-urges-ny-attorney-general-to-center-data-minimization-and-age-determination-best-practices-in-rulemaking-for-ny-safe-for-kids-act/> EPIC submitted comments with the Center for Digital Democracy urging the New York Attorney General to center privacy and age determination best practices in its rulemaking to implement the New York SAFE for Kids Act. While the NY Safe for Kids Act does not regulate speech, EPIC encouraged the NY Attorney General to craft regulations anticipating a First Amendment challenge in line with the trend of Big Tech interests similarly challenging a broad swath of other kids’ online privacy and safety laws. Cybersecurity *EPIC Celebrates Global Encryption Day 2024* <https://epic.org/epic-celebrates-global-encryption-day-2024/> October 21 was 2024’s Global Encryption Day, a day to highlight the key role encryption plays for keeping personal information secure from prying eyes. Encryption is one of the most important technological mechanisms for protecting the privacy and security of data and data systems, but it continues to come under attack by governments seeking to maximize the reach of their investigatory powers. Privacy Laws *Privacy Laws and Amendments Go into Effect in Montana and Connecticut* <https://epic.org/privacy-laws-and-amendments-go-into-effect-in-montana-and-connecticut/> After a flurry of activity on privacy at the state level this year, two states saw their privacy legislation go into effect. Connecticut amended its Connecticut Data Privacy Act, which has been in effect since July 1, 2023. The amendments related to minors’ privacy went into effect on Oct. 1. The amendments place limits on companies’ ability to use the personal data of children and teens for targeted advertising or profiling or to sell their personal data and require companies that serve minors to conduct specialized data protection assessments. The Montana Consumer Data Privacy Act also went into effect on Oct. 1. The law is substantially the same as the unamended Connecticut Data Privacy Act. Data Protection *EPIC Testifies in Support of DC Consumer Health Information Privacy Protection Act* <https://epic.org/epic-testifies-in-support-of-dc-consumer-health-information-privacy-protection-act/> EPIC Counsel Suzanne Bernstein testified before the DC Council Committee on Health on Oct. 17 in support of Bill 25-0930, the Consumer Health Information Privacy Protection Act (CHIPPA). CHIPPA would provide privacy protections for consumer health data and is modeled closely off of Washington State’s My Health My Data Act that went into effect earlier this year. Suzanne’s testimony provided an overview of health data privacy risks that CHIPPA would mitigate and highlighted central provisions of the bill. *CFPB Issues New Guidance to Protect Workers from Digital Surveillance Using Third-Party Consumer Reporting Tools* <https://epic.org/cfpb-issues-new-guidance-to-protect-workers-from-digital-surveillance-using-third-party-consumer-reporting-tools/> The Consumer Financial Protection Bureau has issued guidance to protect workers from digital surveillance. The guidance states that companies using background dossiers, AI powered or algorithmic scoring tools, and other third-party consumer reports must adhere to the Fair Credit Reporting Act. These third-party consumer reporting tools can be used to predict worker behavior (including the likelihood that an employee will join a union or leave their job) reassign workers based on employee performance and availability, issue automated disciplinary actions to employees (often without human oversight), and evaluate workers’ social media activity. EPIC in the News *D.C. contractor sued for alleged improper screening of hopeful tenants* <https://www.washingtonpost.com/dc-md-va/2024/10/03/dc-housing-lawsuit-rentgrow/> *The Washington Post* *Neural data privacy an emerging issue as California signs protections into law* <https://therecord.media/neural-data-privacy-california-law-yuste> *The Record* *Shoppers Face A Growing Risk From Cybercrime And Retailers Must Do More* <https://www.forbes.com/sites/pamdanziger/2024/10/10/shoppers-face-a-growing-risk-from-cybercrime-and-retailers-must-do-more/> *Forbes* *No, people cannot see who you voted for after an election* <https://www.verifythis.com/article/news/verify/elections-verify/can-people-see-who-you-voted-for-after-an-election-fact-check/536-bb02fa30-b09a-44d9-8c8d-7678cbcaa986> *Verify This* *Generative AI models built on data scraped ‘indiscriminately’ are a concern, privacy group tells US FTC* <https://content.mlex.com/#/content/1605974/generative-ai-models-built-on-data-scraped-indiscriminately-are-a-concern-privacy-group-tells-us-ftc?referrer=email_instantcontentset&paddleid=204&paddleaois=2001> *MLex* *White House probes the collision of AI and personal data* <https://www.nextgov.com/digital-government/2024/10/white-house-probes-collision-ai-and-personal-data/400289/> *Next Gov* *Five ways to stop companies from using your data in new ways* <https://www.washingtonpost.com/technology/2024/10/15/meta-ai-linkedin-paypal-user-data/> *The Washington Post* *Groups Welcome Proposed Modifications to FCC Robocall Mitigation Database* <https://communicationsdaily.com/news/2024/10/17/groups-welcome-proposed-modifications-to-fcc-robocall-mitigation-database-2410160037> *Communications Daily* Issue Highlight [image: Cybersecurity illustration] <https://epic.org/issues/cybersecurity/> *Democracy & Free Speech* Free speech and privacy protections are essential to civic life and to healthy democratic processes. EPIC works to ensure that technology laws and oversight mechanisms protect our rights and support principles of democratic governance. Learn more about EPIC's Project on Democracy & Free Speech here <https://epic.org/issues/democracy-free-speech/>. [image: Defend Privacy. Support Epic.] <http://epic.org/donate> *Support Our Work* EPIC's work is funded by the support of individuals like you, who help us to continue to protect privacy, open government, and democratic values in the information age. Donate today at epic.org/donate. *Reach out to EPIC* Let us know what you think about our new EPIC Alert format! Learn about EPIC's staff here <https://epic.org/about/staff/> or contact [email protected]. [image: twitter social link] <http://www.twitter.com/epicprivacy> [image: website social link] <https://epic.org> [image: linkedin social link] <https://www.linkedin.com/company/electronic-privacy-information-center> Copyright © 2024 Electronic Privacy Information Center, All rights reserved. You received this email because you subscribed to our list. The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. The EPIC Alert doesn’t track you when you open it or click on any links. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. *Our **mailing address** is:*} Electronic Privacy Information Center (EPIC) 1519 New Hampshire Avenue NW Washington DC 20036 United States of America You can unsubscribe <https://alatus.eocampaign1.com/unsubscribe?ep=2&l=b6017eec-42d1-11ef-90d9-0f2b96dc203d&lc=ec9ccc54-42d1-11ef-9b96-7599ce1b3de6&p=9440bd60-9531-11ef-aec8-893c80f7282b&pt=campaign&pv=4&spa=1730387593&t=1730387650&s=5e24c50528d2a5162428854689487d9ef708cfec8b78e6ae0cb8bdde04c3e96d> at any time. Powered by EmailOctopus <https://alatus.eocampaign1.com/rewards?lc=ec9ccc54-42d1-11ef-9b96-7599ce1b3de6&p=9440bd60-9531-11ef-aec8-893c80f7282b&pt=campaign&t=1730387650&s=b11a4cecadaf16fc17d593986a7ae798da5fc0c2eea8c32789e5bae22d55051f>
