Thirty-seven digital rights groups and businesses have come together this week to urge the White House to defend privacy and promise to veto the dangerous cybersecurity bill CISPA. Such legislation poses a number of privacy risks to individuals, allowing levels of information sharing between companies and the government that supersede existing privacy laws. Privacy advocates aren't the only ones speaking out against CISPA; online companies like Reddit and Mozilla, as well as web hosts like Gandi and Namecheap, have chosen to stand up for their users' rights rather than support ill-defined legislation.
Under CISPA, companies can collect your information in order to "protect the rights and property" of the company, and then share that information with third parties, including the government, so long as it is for "cybersecurity purposes." Companies aren't required to strip out personally identifiable information from the data they give to the government, and the government can then use the information for purposes wholly unrelated to cybersecurity – such as "national security," a term the bill leaves undefined.
One question we sometimes get is: Under CISPA, which government agencies can receive this data? For example, could the FBI, NSA, or Immigration and Customs Enforcement receive data if CISPA were to pass?
The U.S. Secret Service is reopening all Freedom of Information Act (FOIA) requests it had previously denied regarding the late Internet activist Aaron Swartz. The news was first broken via twitter by Truthout journalist Jason Leopold, who was one of the first reporters to request files from the Secret Service following Swartz’s death. EFF independently confirmed the decision with the Secret Service, which had been investigating Swartz’ mass downloading of scholarly texts from MIT.
This post was written by Katitza Rodriguez, EFF and Olivia Solis, SHARE Defense
This post was co-written by Katitza Rodriguez (EFF) and Olivia Solis (SHARE Defense)
Since Google first began releasing its transparency reports three years ago, international user-data requests have snowballed for Google -- a trend that shows no sign of abating. How Google has responded to these requests has varied by region.
Google has received 33,279 requests from the United States, which leads way in demands for user data. The United States' data requests include those issued by U.S. authorities for U.S. investigations as well as requests made on behalf of other states pursuant to mutual legal assistance treaties (MLAT).
This article has been written by Katitza Rodriguez (EFF) and Olivia Solis (SHARE Defense)
A federal district judge in New York City issued a troubling ruling today holding that an electronic news clipping service infringed copyright when it republished excerpts of news stories in search results for its clients seeking news coverage based on particular keywords.
The case is Associated Press v. Meltwater. Meltwater is a private subscription service that scans news sites for stories relevant to its clients and then delivers the search results in the form of short excerpts from, and links to, the original articles. News service Associated Press claimed the search results infringed its copyrights in the news articles included within them. Meltwater argued that its service was a noninfringing fair use. EFF filed an amicus brief supporting Meltwater.
EFF has long called on companies to publish the number and type of government demands they receive for user data. We think it's important enough to be one of the stars we award in our Who Has Your Back? campaign started in 2010. Users make decisions every day about which companies they entrust with their thoughts, photos, contacts, identities and location data. In order to make informed decisions users -- especially those at risk from repressive governments or engaging in political activism -- need to know how often the government is seeking that information from their providers.
The recent settlement [PDF] between 38 states and Google over the company's Wi-Fi snooping fiasco sure is puzzling. While the settlement, called an Assurance of Voluntary Compliance, does little to punish Google for accidentally slurping up massive amounts of content from wireless networks using its roaming Street View vehicles, it does require the company to carry out a gratuitous and poorly thought out song and dance.
In particular, the settlement requires Google to:
EFF is pleased to learn that Oman's monarch, Sultan Qaboos, has pardoned "all dissidents jailed for defaming the ruler or taking part in protests." According to the Reuters news agency, "His Majesty Sultan Qaboos has issued a royal pardon for those convicted of defamation, information technology crimes and unauthorized rallies."
This month, the former U.S. Assistant Secretary of Commerce Bruce Lehman, sometimes referred to as the architect of the Digital Millennium Copyright Act (“DMCA”), spoke at a Silicon Valley conference that brought copyright experts together to discuss the impact of that law 15 years later.
At the conference, Lehman admitted the law was the product of a deliberate end-run around the democratic process. Lehman was an advocate for several hardline proposals to criminalize digitial rights management (DRM) circumvention. Unable to sell the proposals domestically, Lehman pressed the Office of the U.S. Trade Representative (USTR) to propose them at the UN World Intellectual Property Organization (WIPO) instead. Many have accused Lehman of using the treaty process to avoid Congress. What was Lehman’s response to those accusations at the event? “I would say that they're right.”
Last Monday, a number of organizations, companies, and individuals came together for a Week of Action against the dangerous cybersecurity bill, CISPA. Though thousands of people answered our call to action, the fight is far from over.
Earlier this month, a Georgia Superior Court issued a breathtaking restraining order against Matthew Chan, the operator of a copyright troll criticism message board, holding him responsible for the posts of his users. As part of the Court’s reasoning, Judge Frank Jordan wrote:
As the owner and operator of the site, Respondent has the ability to remove posts in his capacity as the moderator. However, Respondent chose not to remove posts that were personally directed at [Petitioner Linda] Ellis and would cause a reasonable person to fear for her safety.
Law professor and historian Tim Wu has called the Computer Fraud and Abuse Act (CFAA) the “worst law in technology.” The Ninth Circuit Court of Appeals has described the government’s interpretation of it “expansive,” “broad,” and “sweeping.” And Orin Kerr, former federal prosecutor and law professor, has detailed how the government could use it to put "any Internet user they want [in jail]."
Today EFF joins a broad coalition of over 40 groups and individuals in sending a letter calling on Congress to create a permanent phone-unlocking exemption to the Digital Millennium Copyright Act (DMCA) and to start the process of reforming the anti-circumvention provisions of that law. The coalition represents not just public interest groups, but startup companies, industry organizations, academics, and others.
A proposal under consideration in California would significantly limit access to public information by levying a $10 fee any time anyone—including members of the public and the media—wants to look at a court case record in person. While EFF is certainly sympathetic to the budgetary woes facing all levels of government in California, this measure would trade transparency, citizen engagement and the power of a free press for a short-sighted fiscal stop-gap. On the whole, such a fee would do little to fix institutional spending problems while inflicting massive damage to the public trust.
Yesterday, the Golden Gate Bridge switched to all-electronic tolling. As of March 27, drivers entering San Francisco no longer have the option to pay the $6 cash toll to a human toll collector. Unfortunately, all of the bridge's electronic payment options track the identities of those paying the toll, and all represent a loss of privacy for visitors or commuters entering San Francisco by car. The current implementation of electronic tolling here (and elsewhere) is unnecessarily privacy-invasive and represents a missed opportunity to collect tolls electronically in more privacy-friendly ways.
The flood of software patents has created an environment where companies are afraid that innovation leads to being hit by patent lawsuits. Every dollar spent fighting patent trolls or waging patent wars is a dollar not spent researching, developing, and creating jobs. The situation is so bad that, in 2011, Apple and Google spent more on patent litigation and buying patents than they did on research.
In a victory for open source and common sense, a federal judge has thrown out a patent suit against the Linux-based operating system on the grounds that the patent claims a mathematical algorithm. The case is encouraging both for the result and because the judge ruled at the beginning of the case on a motion to dismiss. This means that the defendant didn’t have to waste a fortune fighting this bad patent. We hope the case will be a model for future litigation involving abstract software patents.
From April 5-7, EFF will be at the National Conference for Media Reform in Denver, Colorado—and we hope to see you there. Hosted by our friends at Free Press, the conference brings together innovators, journalists, activists, artists and more to celebrate the media's greatest advances and solve its biggest problems.
Here's how you can catch us:
In July 2009, South Korea became the first country to introduce a graduated response or "three strikes" law. The statute allows the Minister of Culture or the Korean Copyright Commission to tell ISPs and Korean online service providers to suspend the accounts of repeated infringers and block or delete infringing content online. There is no judicial process, no court of appeal, and no opportunity to challenge the accusers.