EPIC - Electronic Privacy Information Center

05/18/2026

EPIC Deputy Director and Policy Director Caitriona Fitzgerald spoke to The New York Times about how “no essay” college applications are essentially a raffle ticket that students pay for with their data.

“It’s a really clear example of a power asymmetry between individuals and big data companies,” she said.

Read the article here:

Unlike traditional financial aid, the prizes are awarded by random drawings. The websites, in turn, gain access to applicants’ personal information.

05/15/2026

EPIC Counsel Suzanne Bernstein testified Thursday before a New Jersey Assembly committee in support of the state's Fair Price Protection Act, a bill that would protect NJ consumers from surveillance pricing.

EPIC suggested further improvements to the bill, such as expanding its scope to include third-party delivery services and further clarifying exemptions for discounts and loyalty programs.

Learn more:

EPIC Counsel Suzanne Bernstein testified Thursday before the New Jersey Assembly Commerce and Economic Development Committee in support of a AB 4085, a bill that would protect New Jersey consumers from surveillance pricing.

05/15/2026

Yesterday, EPIC, the National Consumers League, and 5 other public interest groups submitted comments supporting the FTC's efforts to eliminate unfair and deceptive fees in online food delivery services and encouraging the agency to prohibit harmful personalized pricing practices economy-wide.

“Since the FTC has correctly determined that hidden and dripped fee practices are unfair and deceptive, there is no justification to allow some businesses to perpetrate these exact same practices while holding others accountable,” the comments read.

Learn more:

On Thursday, EPIC and the National Consumers League, along with five other public interest groups, submitted comments to the FTC supporting its efforts to eliminate unfair and deceptive fees in its online food delivery services Advanced Notice of Proposed Rulemaking (ANPRM). The comm...

05/14/2026

This week, the Colorado Legislature passed a bill that repeals significant portions of the state’s AI Act, a landmark 2024 law that regulates the use of AI in making important decisions about Coloradans’ lives.

The bill removes many important safety and testing requirements from the Act, including:

• the duty of care for developers and deployers to avoid algorithmic discrimination,

• the requirement that deployers establish risk management programs,

• the requirement that deployers conduct impact assessments, and

• reporting requirements to the Attorney General.

The bill also once again delays the law’s effective date to Jan. 1, 2027.

While EPIC is disappointed to see many of the law's key provisions be removed, we are looking forward to this law finally going into effect and providing Coloradans with long-overdue transparency about how decisions are made about their employment, housing, health care, and more.

The bill removes many important requirements from the law and again delays the effective date.

05/13/2026

For years, the surveillance state has been quietly expanding across the U.S.

Systems built to target ads and fuel tech profits have become systems of government control, and they are threatening the foundations of our democracy.

EPIC is fighting back, and we need your support. Learn more: https://epic.org/stop-the-surveillance-state/

05/13/2026

Yesterday, EPIC Counsel Tom McBrien spoke to NBC News NOW about the unfair, invasive, and increasingly widespread practice of surveillance pricing.

“It’s not supply and demand," he said. "We’re getting outside of Econ 101 here. Instead, [prices are] set by an algorithm using our personal data.”

“Do you want to pay more than your neighbor just because a company knows it can charge you more without losing your business?” McBrien asked.

We certainly don’t. Learn more about surveillance pricing and how state lawmakers are working to regulate it here: https://epic.org/issues/consumer-privacy/surveillance-pricing/

05/12/2026

People and healthcare providers in the U.S. live in a constant state of uncertainty about what’s coming next regarding reproductive health privacy.

This reality has rarely been more stark. The widely used abortion medication mifepristone can still be administered by mail, SCOTUS said yesterday — at least for the next 3 days.

Earlier this year, EPIC released a comprehensive report highlighting the role that our lack of privacy protections plays in causing and compounding harms to health outcomes in the U.S.

The report, unfortunately, is even more poignant today as the Supreme Court mulls telehealth abortion access and the health care of millions hangs in the balance.

Read the report here:

We face a health data privacy crisis. Unregulated digital technologies, mass surveillance, and weak privacy laws have created a health privacy crisis in which our health data is collected and used to profile us, manipulate our behavior, and charge us more for care. This crisis pushes people away fro...

05/11/2026

On Thursday, EPIC Law Fellow Mayu Tobin-Miyaji will speak on a panel about AI in the workplace as part of the Labor Research & Action Network’s 2026 Conference, which is being held in Atlanta.

Washington Center for Equitable Growth Associate Director of Academic Programs Christian Edlagan will moderate the discussion, which will also feature panelists from the UCLA Labor Center and the National Institute for Workers’ Rights.

Learn more here:

As part of the Labor Research & Action Network’s 2026 Conference, EPIC Law Fellow Mayu Tobin-Miyaji will participate in a panel on AI in the workplace at 10:45 a.m. on May 14 at Teamsters Local Union 728 in Atlanta, Georgia.

05/08/2026

Yesterday, EPIC submitted comments to CalPrivacy advising the agency on best practices for its data broker auditing process.

Under the California Delete Act, data brokers in the state must undergo audits every three years beginning in 2028. But we’ve found that data brokers aren’t able to accurately self-report on their activities.

We commend CalPrivacy for its work to better regulate data brokers and strongly recommend that effective audits come from enacting stringent independent testing and inspection requirements, especially for brokers using AI systems.

In response to CalPrivacy’s request for input on the state’s data broker audit requirements for processing deletion requests, EPIC submitted comments on Thursday advising the agency on best practices. 

05/07/2026

On Wednesday, EPIC and the Center for Democracy & Technology urged HUD to withdraw its proposal to collect new categories of personally identifiable information and introduce AI features to draft case summaries and email responses.

Despite the potentially serious consequences of these proposed modifications, HUD’s Notice of Intent lacks significant details about system accuracy, fitness and safety, security protocols to protect sensitive information, and accountability mechanisms for individuals whose information is processed using AI.

Even worse, it seems HUD has already been collecting new categories of information before publishing the Notice.

Learn more:

On Wednesday, EPIC and the Center for Democracy & Technology submitted comments to the Department of Housing and Urban Development in response to its recent Notice of Intent to modify its System of Records.

05/06/2026

EPIC Counsel Kara Williams testified Monday in support of an Illinois bill that would establish a clear liability framework for chatbot providers.

Based on the liability section of EPIC’s People-First Chatbot Bill, the bill states that chatbots are products for the purposes of product liability law and establishes that chatbot providers can be held strictly liable for harms their chatbots cause.

Learn more:

The bill, H.B. 5044, is based on the liability section of EPIC's People-First Chatbot Bill.