Source Code: Your daily look at what matters in tech.

source-codesource codeauthorIssie LapowskyNoneWant your finger on the pulse of everything that's happening in tech? Sign up to get David Pierce's daily newsletter.64fd3cbe9f
×

Get access to Protocol

Your information will be used in accordance with our Privacy Policy

I’m already a subscriber
People

EPIC is in turmoil after its president took a coronavirus test without telling staff. It came back positive.

Employees say Marc Rotenberg put their health at risk and undercut EPIC's message.

EPIC President Marc Rotenberg

EPIC President Marc Rotenberg's employees say he put their safety at risk and undermined their organization's resistance to invasive coronavirus surveillance.

Photo: Mark Wilson/Getty Images

A chief critic of the tech industry's attempts to track coronavirus patients went to work and held meetings with employees after his doctor directed him to take a test for COVID-19 that subsequently came back positive.

Marc Rotenberg, the president and executive director of the Electronic Privacy Information Center in Washington, D.C., acknowledged in a memo to his staff and his board that he should have quarantined and alerted his staff that he was taking a coronavirus test on March 9, instead of continuing to work alongside them for two days.

But Rotenberg's apology hasn't quelled the anger of some EPIC employees, who say he not only put their safety at risk, but also undermined their organization's resistance to invasive coronavirus surveillance.

"He's out there saying privacy trumps surveillance," said one former employee who worked there at the time. "Every time he opens his mouth, what runs through my head is: We need more surveillance."

Internal documents and interviews with several current and former employees reveal that this incident has sparked an uprising within EPIC's small team of about a dozen people, with several employees resigning — including Rotenberg's deputy, Mary Stone Ross — following Rotenberg's dual revelation that he had COVID-19 and that EPIC was facing funding difficulties. Others have written to EPIC's board, asking for substantive changes to the organization's management structure.

Rotenberg meanwhile has continued to warn Congress and the public against embracing technological tools that use location data to enable widespread coronavirus surveillance without considering the privacy implications. "Sometimes people have an almost sacrificial sense about their privacy," Rotenberg told BuzzFeed News in an article published 19 days after Rotenberg received his results. "They say things like, 'Well, if it'll help save lives for me to disclose my data, of course, I should do that.' But that's actually not the right way to solve a problem."

Rotenberg has apologized to EPIC's staff, writing in a letter reviewed by Protocol, "I am genuinely sorry for the disruption, concern and worry I may have caused to you and your family. Please know that was never my intent. I tried my best to make good decisions, given the information I had. In retrospect, there is more I should have done."

Asked to comment, Rotenberg responded by accusing a former staff member of leaking the story to Protocol. Asked again to comment, he said: "I think I said what needed to be said."

It was direct contact tracing that first alerted employees that they had been exposed to the virus. On March 11, an EPIC employee emailed the rest of the team to say he'd received a call from the Washington, D.C., department of public health. A health official told him he may have come into contact with someone who tested positive for coronavirus. In the email, the employee let his colleagues know he'd be working from home and monitoring for symptoms in order to protect the rest of the EPIC team.

But then shortly after, another staffer followed up saying they'd gotten the same call. Then another. Then another. By the end of the day, all of the advocacy group's Washington, D.C.-based employees confirmed they'd received the same warning.

Rotenberg hadn't responded to the thread, but earlier in the day, he had emailed the staff, encouraging them to work from home. "Also, social distancing is a good practice," he wrote, according to an email reviewed by Protocol. He did not mention that his COVID-19 test had come back positive that very morning.

The staffers swapped stories, wondering who might have brought the virus into the office. Some theorized it was a mail carrier. Some wondered if it had been a journalist who recently visited. Others speculated that Rotenberg, who returned from a trip to Milan in late February, might have been the source.

The next day, on March 12, Rotenberg called the entire team to a Zoom meeting and confirmed that he had, in fact, tested positive for coronavirus. He also laid out a rough timeline of his recent medical history, according to interviews with people on the call. He told them he'd returned from Milan on Feb. 22, and registered a temperature of 99.5 on March 1. At the time, that was still below what the Centers for Disease Control considered to be a symptom. But on March 5, he contacted his physician about his temperature and his recent travel to Italy, after receiving guidance from Georgetown University, where he teaches. According to the account Rotenberg gave in his apology letter, his doctor initially didn't think he needed to be tested but changed course the following day. At that point, it was Friday, and Rotenberg later told the staff he was already on a plane about to depart for Miami for the weekend. So he scheduled a test for when he returned to D.C. on Monday, March 9.

Rotenberg went to the office that Monday, Tuesday and Wednesday, and left as soon as he received the call about his results Wednesday morning. But he didn't mention any of this to his staff until the Zoom meeting that Thursday.

"We were all a little shocked," said one former employee who was on the call. "There was no sense of apology, no humility, not even, 'I thought I was responsible at the time, but looking back I would have done things differently.'"

Then Rotenberg dropped another bomb, telling the staff that EPIC only had enough money to pay people's salaries for another six months.

"It was, 'I exposed my team to a pandemic, and you might not have a job' in the same meeting," the former employee said. "Pretty rough."

"That really did it for everybody," said one current employee. "Everybody was like, 'What is going on?"

As privacy advocates, the EPIC staff understood more than most the importance of protecting employees' private health information. The nonprofit's lawyers are constant fixtures on Capitol Hill, forever butting heads with tech giants like Facebook and Google over the ways they collect and share personal data. But those employees also believed their boss had a responsibility to protect them, too. "The idea [of anonymity] is for workplace retaliation. I think that rationale is pretty strained when it's the executive director," said one of the former employees.

Even after testing positive and alerting staff, internal emails show, Rotenberg told employees he was going to the office to collect the mail, though it's unclear if he ever did. This prompted multiple employees to contact D.C.'s department of public health.

More than two weeks after the meeting, after EPIC employees wrote to members of the board with their concerns, Rotenberg sent the board and the staff a five-page letter both apologizing and defending his actions.

"I know some people are surprised and concerned that I was in the office on March 9, and I can imagine a scenario where someone else in the same situation could have stayed home to wait for a determination. In retrospect, that was obviously the better choice," Rotenberg wrote on March 30. "But at the time, and even today, that is not the CDC protocol. People are routinely tested then continue to practice social-distancing rather than self-quarantine."

For EPIC's employees — at least one of whom says they've experienced some symptoms consistent with the virus — this is hardly enough. Beyond the concerns for their own safety, the employees Protocol spoke with say Rotenberg's behavior gives those who might like to expand surveillance of coronavirus patients — and the rest of the population — the very excuse they need. "It rubs us all the wrong way when we see him quoted in the press talking about contact-tracing privacy issues when he's violating the guidelines," a former employee said.


Get in touch with us: Share information securely with Protocol via encrypted Signal or WhatsApp message, at 415-214-4715 or through our anonymous SecureDrop.


In his letter to the staff and the board, Rotenberg said he followed all CDC protocols as they stood at the time. His letter didn't address whether he went to the office to check the mail after being diagnosed.

Of course, there's also Rotenberg's privacy to consider. EPIC's employees say they thought a lot about that before sharing this information publicly. But they argue that, in this situation, the risks to him maintaining his privacy outweighed the benefits.

"Privacy is something that's constantly weighed against other things," one current employee said. "It doesn't make sense for it to be absolute."

Protocol | Workplace

The Activision Blizzard lawsuit has opened the floodgates

An employee walkout, a tumbling stock price and damning new reports of misconduct.

Activision Blizzard is being sued for widespread sexism, harassment and discrimination.

Photo: Bloomberg/Getty Images

Activision Blizzard is in crisis mode. The World of Warcraft publisher was the subject of a shocking lawsuit filed by California's Department of Fair Employment and Housing last week over claims of widespread sexism, harassment and discrimination against female employees. The resulting fallout has only intensified by the day, culminating in a 500-person walkout at the headquarters of Blizzard Entertainment in Irvine on Wednesday.

The company's stock price has tumbled nearly 10% this week, and CEO Bobby Kotick acknowledged in a message to employees Tuesday that Activision Blizzard's initial response was "tone deaf." Meanwhile, there has been a continuous stream of new reports unearthing horrendous misconduct as more and more former and current employees speak out about the working conditions and alleged rampant misogyny at one of the video game industry's largest and most powerful employers.

Keep Reading Show less
Nick Statt
Nick Statt is Protocol's video game reporter. Prior to joining Protocol, he was news editor at The Verge covering the gaming industry, mobile apps and antitrust out of San Francisco, in addition to managing coverage of Silicon Valley tech giants and startups. He now resides in Rochester, New York, home of the garbage plate and, completely coincidentally, the World Video Game Hall of Fame. He can be reached at nstatt@protocol.com.

Over the last year, financial institutions have experienced unprecedented demand from their customers for exposure to cryptocurrency, and we've seen an inflow of institutional dollars driving bitcoin and other cryptocurrencies to record prices. Some banks have already launched cryptocurrency programs, but many more are evaluating the market.

That's why we've created the Crypto Maturity Model: an iterative roadmap for cryptocurrency product rollout, enabling financial institutions to evaluate market opportunities while addressing compliance requirements.

Keep Reading Show less
Caitlin Barnett, Chainanalysis
Caitlin’s legal and compliance experience encompasses both cryptocurrency and traditional finance. As Director of Regulation and Compliance at Chainalysis, she helps leading financial institutions strategize and build compliance programs in order to adopt cryptocurrencies and offer new products to their customers. In addition, Caitlin helps facilitate dialogue with regulators and the industry on key policy issues within the cryptocurrency industry.
Protocol | Workplace

Founder sues the company that acquired her startup

Knoq founder Kendall Hope Tucker is suing the company that acquired her startup for discrimination, retaliation and fraud.

Kendall Hope Tucker, founder of Knoq, is suing Ad Practitioners, which acquired her company last year.

Photo: Kendall Hope Tucker

Kendall Hope Tucker felt excited when she sold her startup last December. Tucker, the founder of Knoq, was sad to "give up control of a company [she] had poured five years of [her] heart, soul and energy into building," she told Protocol, but ultimately felt hopeful that selling it to digital media company Ad Practitioners was the best financial outcome for her, her team and her investors. Now, seven months later, Tucker is suing Ad Practitioners alleging discrimination, retaliation and fraud.

Knoq found success selling its door-to-door sales and analytics services to companies such as Google Fiber, Inspire Energy, Fluent Home and others. Knoq representatives would walk around neighborhoods, knocking on doors to market its customers' products and services. The pandemic, however, threw a wrench in its business. Prior to the acquisition, Knoq says it raised $6.5 million from Initialized Capital, Haystack.vc, Techstars and others.

Keep Reading Show less
Megan Rose Dickey
Megan Rose Dickey is a senior reporter at Protocol covering labor and diversity in tech. Prior to joining Protocol, she was a senior reporter at TechCrunch and a reporter at Business Insider.
dei
Protocol | Workplace

What’s the purpose of a chief purpose officer?

Cisco's EVP and chief people, policy & purpose officer shares how the company is creating a more conscious and hybrid work culture.

Like many large organizations, the leaders at Cisco spent much of the past year working to ensure their employees had an inclusive and flexible workplace while everyone worked from home during the pandemic. In doing so, they brought a new role into the mix. In March 2021 Francine Katsoudas transitioned from EVP and chief people officer to chief people, policy & purpose Officer.

For many, the role of a purpose officer is new. Purpose officers hold their companies accountable to their mission and the people who work for them. In a conversation with Protocol, Katsoudas shared how she is thinking about the expanded role and the future of hybrid work at Cisco.

Keep Reading Show less
Amber Burton

Amber Burton (@amberbburton) is a reporter at Protocol. Previously, she covered personal finance and diversity in business at The Wall Street Journal. She earned an M.S. in Strategic Communications from Columbia University and B.A. in English and Journalism from Wake Forest University. She lives in North Carolina.

Protocol | Fintech

The digital dollar is coming. The payments industry is worried.

Jodie Kelley heads the Electronic Transactions Association. The trade group's members, who process $7 trillion a year in payments, want a say in the digital currency.

Jodie Kelley is CEO of the Electronic Transactions Association.

Photo: Electronic Transactions Association

The Electronic Transactions Association launched in 1990 just as new technologies, led by the World Wide Web, began upending the world of commerce and finance.

The disruption hasn't stopped.

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Signal at (510)731-8429.

Latest Stories