Press Releases: October 2013
Government Damaged the Backbone of the Internet When It Demanded Email Service’s Private Encryption Key
San Francisco - Federal law enforcement officers compromised the backbone of the Internet and violated the Fourth Amendment when they demanded private encryption keys from the email provider Lavabit, the Electronic Frontier Foundation (EFF) argues in a brief submitted Thursday afternoon to the US Court of Appeals for the Fourth Circuit. In the amicus brief, EFF asks the panel to overturn a contempt-of-court finding against Lavabit and its owner Ladar Levison for resisting a government subpoena and search warrant that would have put the private communications and data of Lavabit's 400,000 customers at risk of exposure to the government.
For nearly two decades, secure Internet communication has relied on HTTPS, a encryption system in which there are two keys: A public key that anyone can use to encrypt communications to a service provider, and a private key that only the service provide can use to decrypt the messages.
In July, the Department of Justice demanded Lavabit's private key—first with a subpoena, then with a search warrant. Although the government was investigating a single user, having access to the private key means the government would have the power to read all of Lavabit's customers' communications. The target of the investigation has not been named, but journalists have noted that the requests came shortly after reports that NSA whistleblower Edward Snowden used a Lavabit email account to communicate.
"Obtaining a warrant for a service's private key is no different than obtaining a warrant to search all the houses in a city to find the papers of one suspect," EFF Senior Staff Attorney Jennifer Lynch said. "This case represents an unprecedented use of subpoena power, with the government claiming it can compel a disclosure that would, in one fell swoop, expose the communications of every single one of Lavabit's users to government scrutiny."
EFF's concerns reach beyond this individual case, since the integrity of HTTPS is employed almost universally over the Internet, including in commercial, medical and financial transactions.
"When a private key has been discovered or disclosed to another party, all users' past and future communications are compromised," EFF Staff Technologist Dan Auerbach said. "If this was Facebook's private key, having it would mean unfettered access to the personal information of 20 percent of the earth's population. A private key not only protects communications on a given service; it also protects passwords, credit card information and a user's search engine query terms."
Initially, Levison resisted the government request. In response, a district court found Lavabit in contempt of court and levied a $5,000-per-day fine until the company complied. After Levison was forced to turn over Lavabit's key, the certificate authority GoDaddy revoked the key per standard protocol, rendering the secure site effectively unavailable to users.
Since Lavabit's business model is founded in protecting privacy, Levison shut down the service when it no longer could guarantee security to its customers.
"The government's request to Lavabit not only disrupts the security model on which the Internet depends, but also violates our Constitutional protections against unreasonable searches and seizures," EFF Staff Attorney Hanni Fakhoury said. "By effectively destroying Lavabit's legitimate business model when it complied with the subpoena, the action was unreasonably burdensome and violated the Fourth Amendment."
The deadline for the government's response brief is Nov. 12, 2013.
For EFF's full amicus brief:
Electronic Frontier Foundation
Electronic Frontier Foundation
StopWatching.us Coalition Releases Video to Support Oct. 26 Rally Against NSA Mass Surveillance
US Rep. John Conyers Jr., “Pentagon Papers” whistleblower Daniel Ellsberg and actor Maggie Gyllenhaal join a chorus of prominent voices calling for an end to mass suspicionless surveillance by the National Security Agency (NSA) in a new short video released by the StopWatching.us coalition. Directed by Brian Knappenberger (We Are Legion: The Story of the Hackivists) and produced by the Electronic Frontier Foundation (EFF), the PSA-style video draws parallels between the privacy invasions perpetrated by the Nixon administration and the dragnet telecommunications data collection confirmed this summer by whistleblower Edward Snowden.
WATCH THE VIDEO HERE: https://rally.stopwatching.us/
EMBED CODE: <iframe width="640" height="480" src="//www.youtube-nocookie.com/embed/aGmiw_rrNxk" frameborder="0" allowfullscreen></iframe>
The video, “Stop Watching Us: The Video,” is a call to action released in support of the Stop Watching Us: Rally Against Mass Surveillance being held in Washington, DC, on Saturday, Oct. 26, the 12th anniversary of the Patriot Act. Formed in June 2013, the StopWatching.us coalition is comprised of more than 100 public advocacy organizations and companies from across the political spectrum demanding that Congress investigate the full extent of the NSA's spying programs.
“I’m very honored to help EFF and StopWatching.us get out the word and make the rally in DC as big and as informed as possible,” Knappenberger said. “This is the moment for a large scale debate on the future of this thing we all love, the Internet, the way we communicate, our relationship with our government and how technology and its progress can blend with more traditional notions of privacy, liberty and democracy.”
A diverse cast of media, academic, political and legal figures and truth-speakers unite in the video to sound the alarm over unconstitutional government surveillance. The full list, in order of appearance, includes:
- Daniel Ellsberg, “Pentagon Papers” whistleblower
- Phil Donahue, television talk-show pioneer
- US Rep. John Conyers Jr., (D-MI), ranking Democrat on the House Judiciary Committee
- David Segal, executive director of Demand Progress
- Maggie Gyllenhaal, actor and activist
- Oliver Stone, director of The Untold History of the United States and Nixon
- John Cusack, actor and activist
- Wil Wheaton, actor and writer
- Molly Crabapple, artist and writer
- Jesselyn Radack, U.S. Department of Justice whistleblower and national security and human rights director at the Government Accountability Project
- J. Kirk Wiebe, NSA whistleblower
- Mark Klein, AT&T whistleblower who revealed the telecommunications company’s collaboration with the NSA in collecting customer data
- Thomas Drake, NSA whistleblower
- Cindy Cohn, Legal Director at the Electronic Frontier Foundation
- Dan Choi, LGBTQ activist and Iraq War veteran
- Lawrence Lessig, Roy L. Furman Professor of Law and Leadership at Harvard Law School
Thomas Drake and Daniel Choi will also speak at the rally, which begins with a march from Columbus Circle to the Capitol Reflecting Pool at 12 p.m. EST on Saturday, Oct. 26. StopWatching.us will also deliver more than 500,000 signatures opposing the NSA’s mass surveillance to Congress. The coalition is calling for a full Congressional investigation of America’s surveillance programs, reform to federal surveillance law, and accountability from officials responsible for hiding this surveillance from lawmakers and the public.
For more information on the full list of organizations involved in the coalition and the joint letter sent to Congress, please visit: https://stopwatching.us/.
More information about the rally is available here: https://rally.stopwatching.us.
To speak to a StopWatching.us spokesperson about the video, please contact Christina DiPasquale at 202.716.1953 or Christina@fitzgibbonmedia.com.
Massive Crowdsourcing Effort Leads to Strong Petition Before the USPTO
San Francisco - The Electronic Frontier Foundation (EFF) today filed a formal challenge to the so-called "podcasting patent" used by a patent troll to shake down podcasters big and small for licensing fees. The petition for inter partes review, presented today to the US Patent and Trademark Office (USPTO), is the first legal filing in EFF's "Save Podcasting" campaign launched in May.
In January 2013, Personal Audio, LLC, began suing a number of podcasters, including comedian Adam Carolla (The Adam Carolla Show) and three major television networks, claiming they infringe U.S. Patent No. 8,112,504. In addition to filing these lawsuits, Personal Audio has sent demand letters to a variety of podcasters demanding that they pay a license fee. Because Personal Audio's business model is entirely based on leveraging its patents and it does not do any podcasting itself, the company fits the definition of a "non-practicing entity," or—as everyone from EFF to the White House calls these entities—a "patent troll."
"As we show in our petition, Personal Audio is not the true inventor of this technology and should not be demanding a payout from today's podcasters," EFF Staff Attorney Daniel Nazer said. "If you look into the history of podcasting, you won't see anything about Personal Audio."
Today's petition shows that Personal Audio did not invent anything new, and, in fact, other people were podcasting years before Personal Audio first applied for a patent. In preparation for this filing, EFF solicited help from the public to find prior art, or earlier examples of podcasting. In the petition, EFF cites three examples: Internet Pioneer Carl Malamud's "Geek of the Week" online radio show and online broadcasts by CNN and the Canadian Broadcasting Corporation (CBC).
Members of the public donated $76,160 to fund this campaign, an amount more than double what EFF originally requested when it launched its "Save Podcasting" fundraiser in May. EFF partnered with attorneys working pro bono and the Cyberlaw Clinic at Harvard's Berkman Center for Internet and Society to craft the petition. The donated funds will be used to pay the fees and costs associated with the petition, which are primarily Patent Office filing fees. Any funds remaining after the fees are paid will go towards EFF's ongoing patent reform work.
"Bad patents like this one slow down innovation—exactly the opposite of what the patent system was intended to do," said EFF Senior Staff Attorney Julie Samuels, the Mark Cuban Chair to Eliminate Stupid Patents. "We are thrilled to challenge this bad patent and make the world safer for creators and podcasters."
EFF's "Patent Busting Project" is part of a larger effort to defend innovation through both legal and legislative means.
For the petition:
For Personal Audio's U.S. Patent No. 8,112,504
Electronic Frontier Foundation
Staff Attorney and The Mark Cuban Chair to Eliminate Stupid Patents
Electronic Frontier Foundation
Citing Concerns Over NSA’s Impact on Corporate Members, EFF Leaves Industry Group
San Francisco - The Electronic Frontier Foundation (EFF) today withdrew from the Global Network Initiative (GNI), citing a fundamental breakdown in confidence that the group's corporate members are able to speak freely about their own internal privacy and security systems in the wake of the National Security Agency (NSA) surveillance revelations.
EFF has been a civil society member of the multi-stakeholder human rights group since GNI was founded in 2008 to advance freedom of expression and privacy in the global information and communication technologies sector. While much has been accomplished in these five years, EFF can no longer sign its name on joint statements knowing now that GNI's corporate members have been blocked from sharing crucial information about how the US government has meddled with these companies' security practices through programs such as PRISM and BULLRUN.
"We know that many within the industry do not like or approve of such government interference, and GNI has, in statements, made it clear that member companies want permission from the US government to engage in greater transparency," EFF's International Director Danny O'Brien and Director for International Freedom of Expression Jillian C. York write in a letter to GNI leadership. "However, until serious reforms of the US surveillance programs are in place, we no longer feel comfortable participating in the GNI process when we are not privy to the serious compromises GNI corporate members may be forced to make. Nor do we currently believe that audits of corporate practice, no matter how independent, will uncover the insecurities produced by the US government's—and potentially other governments'—behavior when operating clandestinely in the name of national security."
EFF's involvement with GNI included helping to define its founding principles over two years of negotiations; coordinating opposition to the United Kingdom's Communications Data Bill in 2011; releasing a paper addressing free-speech issues surrounding account deactivation and content removal; and collaborating with fellow members in internal international technical and policy analysis. However, EFF can no longer stand behind the credibility of what had been one of GNI's most significant achievements—third-party privacy and freedom of expression assessments of service providers, including Google, Microsoft and Yahoo.
Moving forward, EFF plans to continue to provide guidance to the GNI and engage companies directly, but as an external organization. EFF supports the other organizations and individuals that continue to work within the GNI for the free speech and privacy rights of users worldwide.
"Although EFF is taking a step back, GNI can still serve an important role as a collaborative project between human rights groups, companies, investors and academics," York said. "If the United States government truly supports international 'Internet freedom,' it would recognize the damage its policies are doing to weaken such efforts and the world's confidence in American companies."
For the text of the letter:
Director for International Freedom of Expression
Electronic Frontier Foundation