Update: A Spanish translation of this post is available here.
Chilling Speech Through Violence
Now that the FCC’s “Open Internet” net neutrality rules have been published in the Federal Register, opening the door to legal challenges, the lawsuits are piling on.
On Friday, Verizon appealed the order in the Washington, D.C., Court of Appeals, arguing that the FCC overstepped its authority in issuing its net neutrality order. Verizon had filed a related claim back in January shortly after the rules were first released, but the court held that suit prior to Federal Register publication was premature. MetroPCS at the time lost a similar challenge on this basis; it has yet to refile post-publication.
Today, EFF joined nine human rights and digital freedom organizations from around the world in sending a letter to the government of Vietnam calling for the release of blogger and human rights defender Pham Minh Hoang.
Readers may remember Pham Minh Hoang from a blog post we wrote in August. Mr. Hoang is a university professor with dual French and Vietnamese citizenship who has been sentenced to three years in prison and an additional three years under house arrest, for trying to "overthrow the government." His crime was exercising a right held dear by much of the world: using the Internet to speak out. EFF, the Committee to Protect Journalists, ARTICLE 19, Reporters without Borders, and the other rights organizations are calling for the Vietnamese government to recognize Mr. Hoang's rights to free expression and release him.
In 1986, Falco’s Rock Me Amadeus topped the charts, Madonna dedicated her hit single Papa Don’t Preach to Pope John Paul II, and a ruffle-clad David Bowie crooned along with funky Muppet goblins in Labyrinth. Meanwhile, although the World Wide Web didn’t even exist yet and cell phones were an expensive rarity, Congress was working on a new law to better protect our digital privacy by regulating when the government could access our private communications. That law, the Electronic Communications Privacy Act (ECPA), was signed on October 21, 1986.
The European Parliament today formally recognized what has become increasingly clear: some European tech companies have been selling to repressive governments the tools used to surveil democracy activists. In response, it passed a resolution to bar overseas sales of systems that monitor phone calls and text messages, or provide targeted Internet surveillance, if they are used to violate democratic principles, human rights or freedom of speech.
According to Bloomberg, the decision came after a Bloomberg report in August that "a monitoring system sold and maintained by European companies had generated text-message transcripts used in the interrogation of a human-rights activist tortured in Bahrain." The legislation reportedly leaves enforcement to the EU’s 27 member nations.
EFF joins millions around the world in mourning the passing of Steve Jobs. Steve was an extraordinary innovator who changed how we think about, develop, use, and experience new technologies, music, and ideas. While we've sometimes found ourselves frustrated with some of Apple's business strategies, we here at EFF have always had tremendous respect for Steve's creative genius and commitment to making products that were powerful, accessible, and elegant. His imagination and vision changed the world. He will be missed.
Tomorrow, October 11, Egyptian blogger Maikel Nabil Sanad will have reached the 50th day of his hunger strike. Arrested in March, Sanad was later sentenced, by a military court, to three years in prison for accusing the military of having conducted virginity tests on female protesters (a charge later found to be true) and stating that "the army and the people are not one," a statement that runs counter to much of the sentiment expressed in Tahrir Square throughout January. In August, Sanad began a hunger strike in the hopes that it would "draw public attention to his plight and force the ruling military council to reconsider what he describes as the military’s 'discriminatory' policies," according to Shahira Amin of Index on Censorship.
Tracking of Logged Out Users
For its 800 millions users, logging out of Facebook is not something done idly. Closing the Facebook tab won’t do it. Closing your browser won’t do it unless you’ve adjusted the settings in your browser to clear cookies upon closing. And Facebook has buried the log-out button so that it isn’t apparent from your Facebook main page or profile page. This doesn’t mean that logging out of Facebook is difficult; it’s not. But this does indicate that when someone logs out of Facebook, they are doing so purposefully. They aren’t just stepping outside of Facebook; they’re closing the door behind them.
Part two in a short series on EFF’s Open Source Security Audit
On Saturday October 1st, eight countries (the United States, Australia, Canada, Japan, Morocco, New Zealand, Singapore, and South Korea) signed the Anti-Counterfeiting Trade Agreement (ACTA) in Tokyo, Japan. Three of the participating countries (the European Union, Mexico, and Switzerland) have not yet signed the treaty, but have issued a joint statement affirming their intentions to sign it “as soon as practicable.” ACTA will remain open for signature until May 2013. While the treaty’s title might suggest that it deals only with counterfeit physical goods such as medicines, it is in fact far broader in scope.
Canada is a popular destination for those who like to fish, but the Canadian government is attempting to spark what may be the country’s largest-ever fishing expedition into its citizens’ private online data.
Supporters of Canada’s “lawful access” legislation were foiled on September 20th when they were pressured to withdraw proposed warrantless digital surveillance measures from an omnibus crime bill. While this is certainly a step in the right direction, Canadian Justice officials say they are “committed to reintroducing” the bills. We must halt this assault on civil liberties in Canada.
For the past six months, EFF has strongly supported SB 914, a bill recently passed by the California state legislature that would require police officers to get a warrant before searching through an arrested suspect’s cell phone.
Last month, the bill received overwhelming support from both Democrats and Republicans, passing the California State Assembly 70-0 and then the State Senate, 32-4. Despite such strong bipartisan support, Governor Brown disappointingly vetoed the bill (PDF) yesterday.
SB 914, written in response to the California Supreme Court decision in People v. Diaz, upheld basic constitutional principles. It just maintained Fourth Amendment protection to the contents of cell phones, requiring officers to show a judge there is probable cause that the phone has evidence of a crime before it is searched incident to arrest.
Just three months ago, we at EFF expressed our disappointment with Australia's two largest Internet service providers (ISPs), Telstra and Optus, for agreeing to implement a filtering scheme after a filtering bill from the Australian government failed to pass.
The saga of the lost iPhone prototype -- the 2010 incident at least, not the most recent one -- has finally concluded. On Tuesday, Brian Hogan (who allegedly found the iPhone 4 prototype in a Redwood City bar) and Sage Wallower (who allegedly helped Hogan contact various web sites about the find) pleaded no contest to misdemeanor theft and were sentenced to probation, 40 hours of community service, and $250 each in restitution payments to Apple.
Occupy Wall Street has called for a global day of action on October 15, and protesters are mobilizing all over the world. In the United States, the Occupy Wall Street movement has already spawned sizeable protests in New York, Washington DC, Boston, Seattle, San Francisco, Oakland, Austin, and other cities. Several of these movements have faced opposition from their local police departments, including mass arrests.
Protesters of all political persuasions are increasingly documenting their protests -- and encounters with the police -- using electronic devices like cameras and cell phones. The following tips apply to protesters in the United States who are concerned about protecting their electronic devices when questioned, detained, or arrested by police. These are general guidelines; individuals with specific concerns should talk to an attorney.
Two years ago, civil society organizations met in Madrid to draft a Declaration that reaffirmed international standards for Internet privacy. On October 31, civil society groups will meet again in Mexico City to review the Madrid Privacy Declaration and examine privacy laws and policies in Latin America and around the world. This gathering is being organized by The Public Voice, a coalition of global civil society groups that promotes privacy and free expression on the Internet. EFF is part of this coalition and will be presenting at the conference. The event will be held in conjunction with the 33rd Data Protection and Privacy Commissioners Conference.
This week marks the 25th anniversary of the Electronic Communications Privacy Act (ECPA), the main federal law setting standards for government access to electronic communications like email. As we’ve been saying for years, ECPA is woefully outdated, putting Americans’ privacy at risk.
That’s why EFF is a co-sponsor of Tuesday’s press conference about updating privacy law for the 21st Century. Senator’s Ron Wyden (D-OR) and Mark Kirk (R-IL) will discuss the changes needed to ensure privacy rights as technology continues to advance.
As several international organizations hatch new ways to impose control over online activities, genuine multi-stakeholder input in policy development becomes extremely crucial. The sixth UN Internet Governance Forum (IGF), held in Nairobi, Kenya, was an important venue for discussing competing models for governing the Internet.
EFF played a pivotal role in shaping the dialogue at this forum, and we were able to push our policies to enhance free expression and privacy, while preventing various government and corporate efforts at mobilizing Internet intermediaries to police the Internet. EFF explained why the effort to utilize Internet intermediaries--from Comcast to Youtube--as tools for surveillance and censorship is a dangerous and misguided policy that will impede innovation and freedom of expression.
“When everything is classified, then nothing is classified…The system becomes one to be disregarded by the cynical or the careless and to be manipulated by those intent on self-protection or self-promotion.” ~ Justice Stewart, New York Times v. United States, 1971.
Last week, the White House issued the so-called ‘WikiLeaks’ Executive Order, which mandates better security for the nation’s classified computer systems. While ensuring that the government has better security over its own systems is a good goal, it fails to address an equally important problem: the American government’s addiction to overclassification, which goes far beyond the appropriate and effective means necessary to safeguard real secrets.
Today, Google announced that it is switching its Search service for logged-in users over from insecure HTTP to encrypted HTTPS. This is a significant win for users: HTTPS is an essential protection against surveillance and alteration of your search traffic — whether by governments, companies, or hackers. Today's change appears to be designed to end a series of attacks that identified or tracked people based on the personalized search results Google gives them — but the protection also extends to outgoing search terms in many situations.
Amazon recently announced that the new Kindle Fire tablet will ship with a brand new browser called Silk. The Silk browser works in “cloud acceleration” mode by routing most webpage requests through servers controlled by Amazon. The idea is to capitalize on Amazon’s powerful AWS cloud servers to parallelize and hence speed up downloading web page elements, and then pass that information back to the tablet through a persistent connection using the SPDY protocol. This protocol is generally faster than the standard HTTP protocol.
Egypt: Free Maikel Nabil Sanad
EFF has grave concerns about the health of Egyptian blogger Maikel Nabil Sanad, who has now been on hunger strike for 57 days. Sanad's retrial was scheduled for October 13, but was postponed. Sanad, who was sentenced in April by a military court to three years in prison on charges of insulting the military on his blog, has stated that he will boycott any retrial.
We firmly support the statement made by Reporters Without Borders Wednesday, which reads:
Proponents of pseudonymity scored a major victory today, when Google executive Vic Gundotra revealed at the Web 2.0 Summit that social networking service Google+ will begin supporting pseudonyms and other types of identity.
The news comes after several months of what has been dubbed Nymwars, in which opposing parties have debated--often heatedly--the merits of the Google+ policy requiring users to identify using their "common name." While EFF recognizes the rights of companies to determine their own policies, we have repeatedly taken the side of users who have argued that the use of a pseudonym grants them greater freedom in expressing themselves online.
NextGov.com is reporting that the FBI will begin rolling out its Next Generation Identification (NGI) facial recognition service as early as this January. Once NGI is fully deployed and once each of its approximately 100 million records also includes photographs, it will become trivially easy to find and track Americans.
If you were inspired to support digital civil liberties this afternoon, you may have noticed that EFF's donation pages look different. The information you enter will now wind its way to an EFF-hosted server and populate a local installation of the first-class, open source database management product for nonprofits, CiviCRM. EFF is proud to join a growing cadre of activist organizations using CiviCRM and will continue contributing to its ongoing success.
Quick Guide to EFF's New Membership Center
Your new EFF membership center, powered entirely by CiviCRM, is located at https://supporters.eff.org/. There you can:
Next week, several EFF staffers will be speaking at the first-ever Silicon Valley Human Rights Conference (Rightscon) in San Francisco. The conference, organized by Access Now and sponsored by several foundations and companies, brings together some of the leading thinkers in the digital human rights space, as well as representatives of technology companies from Silicon Valley and beyond for discussions on the human rights implications of the ICT industry. The conference (tickets are still available here!) is jam-packed with excellent speakers and participants, and promises to provide new insights into solutions for the myriad problems facing Silicon Valley companies today.
Corporate Social Responsibility and the ICT Industry
How Technology Companies Can Avoid Being "Repression’s Little Helper"
This is part 1 of a series on the security of HTTPS and TLS/SSL
HTTPS is a lot more secure than HTTP! If a site uses accounts, or publishes material that people might prefer to read in private, the site should be protected with HTTPS.
Unfortunately, is still feasible for some attackers to break HTTPS. Leaving aside cryptographic protocol vulnerabilities, there are structural ways for its authentication mechanism to be fooled for any domain, including mail.google.com, www.citibank.com, www.eff.org, addons.mozilla.org, or any other incredibly sensitive service:
This week, Wired’s Danger Room blog reported on the FBI’s efforts to track Muslims in the United States using “geo-maps.” The maps, released in response to ACLU Freedom of Information Act (FOIA) requests, show that the FBI is tracking Muslims and mapping Muslim communities extensively and with little, if any, suspicion of criminal activities.
Ten years ago today, in the name of protecting national security and guarding against terrorism, President George W. Bush signed into law some of the most sweeping changes to search and surveillance law in modern American history. Unfortunately known as the USA PATRIOT Act, many of its provisions incorporate decidedly unpatriotic principles barred by the First and Fourth Amendments of the Constitution. Provisions of the PATRIOT Act have been used to target innocent Americans and are widely used in investigations that have nothing to do with national security.
We've reported here often on efforts to ram through Congress legislation that would authorize massive interference with the Internet, all in the name of a fruitless quest to stamp out all infringement online. Today Representative Lamar Smith upped the ante, introducing legislation, called the Stop Online Piracy Act, or "SOPA," that would not only sabotage the domain name system but would also threaten to effectively eliminate the DMCA safe harbors that, while imperfect, have spurred much economic growth and online creativity.
This summer, decision-makers at Bay Area Rapid Transit (BART) garnered considerable criticism -- not to mention the ire of Anonymous and days of protests -- after they chose to shut down cell phone access to four BART stations in downtown San Francisco based on rumors of an upcoming protest. Now BART’s Board Directors has drafted a Cell Phone Interruption Policy, which they will consider at an upcoming meeting on October 27th.
EFF applauds the BART for taking the time to develop a policy whose intent is to clarify the circumstances under which BART may shut down cell phone communications, but the proposed policy, which was made public last week, raises some profound concerns about procedure and accountability that we believe should be directly addressed.
One of the most grave threats to free expression in many countries these days is the intimidation and persecution of bloggers and online journalists. The effects are often far-reaching as bloggers are scared into silence. While the Arab Spring has brought about many positive changes throughout the region, several Middle Eastern countries continue to take measures to silence bloggers. This issue is not, of course, limited to the Middle East. In Thailand, web editor Jiew still faces up to fifteen years in prison, while US-Thai citizen Joe Wichai Commart Gordon pleaded guilty on charges of lèse majesté--a charge that can result in a prison sentence of up to fifteen years--and faces sentencing on November 9. In Mexico, bloggers and online activists may face an even worse fate.
Americans have a long history of using parodies and satire in their political and social debates. Whether it’s the Daily Show, the Onion, or books like The Wind Done Gone, humor and poking fun can have a powerful political impact and are plainly protected by law. So what’s with Justin Bieber trying to take down the website freebieber.org?
As promised, here’s the first installment of our closer review of the massive piece of job-killing Internet regulation that is the Stop Online Piracy Act. We’ll start with how it could impact Twitter, Tumblr, and the next innovative social network, cloud computing, or web hosting service that some smart kid is designing in her garage right now.
In early September, EFF was among the first to report on evidence published by activist collective Telecomix that Blue Coat technology was being used by the Syrian government to conduct surveillance. Following a release of more detailed log files as well as a more detailed report from our friends at Global Voices Advocacy, Mother Jones produced a detailed report, followed shortly by other publications. Prominent security expert Bruce Schneier then offered his take, stating: "Bet you anything that the Syrian Blue Coat products are re
On October 27th, board members of Bay Area Rapid Transit (BART) held a public meeting to discuss the draft of their new cell phone shutdown policy. EFF attended the meeting and presented our recommendations, which would ensure that the final policy complied with the First Amendment and mandated transparency. Encouragingly, the members pledged to adopt many of EFF’s proposed changes.
Today, EFF, along with CCIA and Red Hat, filed a brief urging the entire Federal Circuit to rehear Ultramercial v. Hulu, a case that found an abstract idea patentable when it was tied to the Internet or other computer programming. Cases like this one make bad law, and unfortunately it’s innovators and consumers who will feel that law's harshest effects.