For some time now there has been a need to update understandings of existing human rights law to reflect modern surveillance technologies and techniques. Nothing could demonstrate the urgency of this situation more than the recent revelations confirming the mass surveillance of innocent individuals around the world.
This morning the House Judiciary Committee held the latest in a series of hearings designed to set the stage for a deeper dive into copyright law and its discontents. Last week, the Committee heard from the "copyright sector"; this week it was a "tech sector." (We still believe those are essentially meaningless categorizations, but anyway). In sharp contrast to last week's hearing, which was largely populated by the usual suspects — industry association representatives, heads of traditional content corporations and so on — the witnesses this week came from a variety of small to mid-size companies and nonprofits that are experimenting with new technologies and new business models.
In addition to the vast number of open community wireless networks all over the world, there has been a recent uptick in business plans from start-ups and well-established companies that aim to increase wireless Internet access. The Open Wireless Movement encourages free, open, and unrestricted wireless access we welcome private sector participation alongside the work of communities, non-profits, governments, and dedicated individuals, in order to realize this vision.
Earlier this week, the Oakland City Council voted to approve the second phase of a $10.9 million surveillance center that would enable the City to engage in widespread warrantless surveillance of Oakland residents who have engaged in no wrongdoing whatsoever. This is a terrible blow to privacy.
EFF's fourth annual DEF CON t-shirt is a killer. Special donors will be able to pick up the limited edition "Encryption is Key" design in Las Vegas this year, but that's not all. This t-shirt is a solveable puzzle. The first 10 individuals to decipher it, retrieve the correct passphrase, and reveal it to the staff at the EFF vendor booth will receive a special prize. This t-shirt will not be available online unless some remain after DEF CON, but don't worry. There are some amazing things available right now.
After donating at our booth in Las Vegas, be sure to catch EFF in action at talks for Black Hat USA, Security BSidesLV, and DEF CON!
EFF is proud to welcome prolific First Amendment lawyer David Greene to our legal team. As a senior staff attorney, David’s work will include free speech and privacy litigation and he has already hit the ground sprinting as one of the experts involved in EFF’s freedom-of-association lawsuit against the NSA.
EFF is at Black Hat and DEF CON this week, two conferences that draw a wide variety of people from tech including security researchers, coders, engineers, and everyday users. This year, EFF is pushing its campaign around making common sense changes to the Computer Fraud and Abuse Act—including a phone booth called the CFAA DC Dialer that allows DEF CON attendees to call their Representative.
Copyright policies do not belong in trade agreements—period. Negotiated without a trace of transparency or democratic oversight, these secret diplomatic processes are the worst venues to enact digital policy. Not only has the public been completely shut out, U.S. Congress members have extremely limited access to agreement texts even as they’re being negotiated.
It gets worse: lawmakers themselves may soon pass a bill that severely limits their own ability to improve or remove language in agreements like the Trans-Pacific Partnership (TPP) agreement or the Anti-Counterfeiting Trade Agreement (ACTA). That includes any copyright or Internet control provisions that have been smuggled in by special interest groups.
Following a wave of polls showing a remarkable turn of public opinion, Congress has finally gotten serious about bringing limits, transparency and oversight to the NSA’s mass surveillance apparatus aimed at Americans.
While we still believe that the best first step is a modern Church Committee, an independent, public investigation and accounting of the government’s surveillance programs that affect Americans, members of Congress seem determined to try to enact fixes now. Almost a dozen bills have already been introduced or will be introduced in the coming weeks.
If you have a recent Android phone or tablet, chances are you take advantage of a convenient feature to backup your application settings and wireless network passwords. This feature is enabled by default in Android 2.2 and later, and it can make switching to a new device or replacing a lost phone a quicker process. If you haven't examined all the settings for your phone, you might not know if this setting is enabled.
You might not even know who has access to your data.
We've not talked much about the International Trade Commission (ITC) here, but something quite interesting happened there over the weekend. The White House stepped in and, in a notable and rare move, overruled a ban limiting importation of certain Apple products. That ban was based on an ITC finding of patent infringement, but the White House overruled it based on—get this—the public interest.
Next week, one of the most respected security research conferences in the world, the USENIX Security Symposium, will be held in Washington D.C. Thanks to a gag order from a British court, however, it won't go quite as planned. The order forbids the authors of a paper describing fundamental flaws in car lock systems from discussing key aspects of the work, based on nothing more than speculation about a third party's alleged “misuse of confidential information.”
UPDATE: Add the IRS to the list of federal agencies obtaining information from NSA surveillance. Reuters reports that the IRS got intelligence tips from DEA's secret unit (SOD) and were also told to cover up the source of that information by coming up with their own independent leads to recreate the information obtained from SOD. So that makes two levels of deception: SOD hiding the fact it got intelligence from the NSA and the IRS hiding the fact it got information from SOD. Even worse, there's a suggestion that the Justice Department (DOJ) "closely guards the information provided by SOD with strict oversight," shedding doubt into the effectiveness of DOJ earlier announced efforts to investigate the program.
After days of anticipation, EFF's "Encryption is Key" t-shirt for DEF CON 21 has been solved! DEF CON holds a special place in our hearts as one of the premier hacking conferences in the US, so for the past few years we have created special member t-shirts to honor the creative spirit of the infosec community. We started with "Things to Hack" at DC18, "Encryption Saves" at DC19, and our robot-pwning "Script Kitty" at DC20.
A New Jersey federal district court judge on Friday will hear oral arguments in a challenge to an overbroad state law that, if upheld, would threaten to undermine bedrock legal protections for online speech. The legal challenge was brought by EFF on behalf of the Internet Archive, the San Francisco-based online library that regularly makes copies of the entire Internet, and separately by the law firm of Davis Wright Tremaine on behalf of classified ad site Backpage.com.
Lavabit announced today that it would shut down its encrypted email service rather than “become complicit in crimes against the American people.” Lavabit did not say what it had been asked to do, only that it was legally prohibited from sharing the events leading to its decision.
An important New York Times investigation from today reported that the NSA "is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country" without warrants or any particularized court order. This new report, coupled with leaked documents published by the Guardian, call into question the accuracy of statements made by government officials about NSA surveillance under Section 702 of the FISA Amendments Act.
During the Senate Judiciary Committee’s August 1 mark-up of the shield law bill aimed at protecting journalists’ sources, Sen. Dianne Feinstein (D-CA) reportedly objected to the definition of journalist provided in the bill as introduced, seeking to restrict the definition’s scope to apply only to “real reporters.” To achieve her misguided goal, Sen. Feinstein has put forward an amendment to S. 987 that would greatly exacerbate the problems with the definition of who’s a journalist that existed in the bill as introduced.
Prior to President Obama’s press conference on potential surveillance reform today, two important stories were published showing National Security Agency (NSA) surveillance has gone farther than government officials have admitted publicly. Now that the President has promised transparency on NSA surveillance, it’s time for the NSA to come completely clean to the American public. They can start by explaining—in detail—how and why they are obtaining the content of communications transiting telecom networks, which then go into the databases behind NSA programs.
The Administration released a White Paper on Friday that summarized its claimed legal basis for the bulk collection of telephony metadata, also known as the Associational Tracking Program under section 215 of the Patriot Act, codified as 50 U.S.C. section 1861. While we’ll certainly be saying more about this analysis in the future, the paper makes one central point clear:
There is no direct authorization for the Associational Tracking Program in Patriot Act section 215.
Earlier today, President Obama held a press conference to address the growing public concern over the National Security Agency’s surveillance practices. We are glad to see that the Administration has been forced to address the matter publicly as a result of the sustained public pressure from concerned voters as well as the ongoing press coverage of this issue. Obama acknowledged that Americans were uncomfortable with the surveillance that has been leaked to the media (and noted that he would be as well, if he weren’t in the government). He made four commitments to transparency and reform during the press conference, and also published a whitepaper describing the legal interpretation of the PATRIOT Act that is used to attempt to justify bulk surveillance.
Update (10/16/2013): Google Fiber has made a change to their Acceptable Use Policy that clarifies that some non-commercial uses for running servers are permitted. We applaud Google for making this change, but note that there are still provisions to take issue with in the policy, such as the explicit ban on users running open wireless networks, which runs counter to our Open Wireless Movement.
Esto es un repositorio de documentos que analizan el impacto de las disposiciones de propiedad intelectual del TPP en materia de derechos digitales. Queremos agradecer a Hiperderecho por traducir estos documentos del inglés.
Update: Polls further confirm that Americans are deeply concerned with the unconstitutional NSA spying programs. In a July 10 poll by Quinnipiac University, voters were asked whether the government's efforts "go too far in restricting the average person's civil liberties" or "not far enough to adequately protect the country." The poll revealed that Americans largely believe that the government has gone too far by a margin of 45% to 40%. This is a clear reversal from a January 2010 survey in which the same question found that 63% of voters believed the government didn't "go far enough to adequately protect the country."
A Microsoft executive has confirmed that, contrary to earlier reports from the company, the upcoming Xbox One console will not require the Kinect sensor to be activated at all times after all. This change comes after a widespread backlash from gamers concerned about the privacy implications of an always-on camera pointed from the television back at the couch.
There’s no doubt that the secret court overseeing the unconstituional NSA spying must be reformed. The recent revelations of large-scale domestic surveillance approved by the Foreign Intelligence Surveillance Court (FISA Court) are proof of that. The FISA Court operates in near-total secrecy and only hears from one side—the US government. What's more: according to news reports, it's gutted the Fourth Amendment by creating expansive exceptions to the law unseen before in any other court.
It’s been two months since President Barack Obama first said that he welcomes a debate about NSA surveillance, which he once again reiterated last week at his press conference. Unfortunately, it’s very hard to have a real debate about a subject when the administration constantly and intentionally misleads Americans about the NSA’s capabilities and supposed legal powers.
Fast track authority, also known as trade promotion authority, empowers the White House to unilaterally negotiate and sign trade agreements. It not only hinders Congress from exercising its constitutionally mandated power to oversee and amend trade deals, it could impact their sovereign power to make and reform copyright and Internet policy domestically.
EFF filed an amicus brief in an important case known as Du v. Cisco, where Chinese human rights activists have sued the US tech giant Cisco in Maryland federal court. The case alleges that Cisco knowingly customized, marketed, sold, and provided continued support and service for technologies used by the Chinese government to facilitate human rights abuses.
With each recent revelation about the NSA's spying programs government officials have tried to reassure the American people that all three branches of government—the Executive branch, the Judiciary branch, and the Congress—knowingly approved these programs and exercised rigorous oversight over them. President Obama recited this talking point just last week, saying: "as President, I've taken steps to make sure they have strong oversight by all three branches of government and clear safeguards to prevent abuse and protect the rights of the American people." With these three pillars of oversight in place, the argument goes, how could the activities possibly be illegal or invasive of our privacy?
When Amir Shafi got the notification from Airbnb saying that his account had been terminated, he was surprised. The Iranian national, who is a resident of Switzerland, had recently returned from a trip to Istanbul, where he had successfully rented accommodation through Airbnb. When he returned from the trip, he received a notification asking him to verify his account.
“I was happy to see there is a verification process,” says Amir, which is why he immediately uploaded a scanned copy of his Iranian passport. “It makes any community work better, so I immediately did what the website was asking me to do.” A few minutes later, he received notification that his account had been verified.
But just hours later, Amir received an email that Airbnb had closed his account. The message read:
In the ongoing legal battle between craigslist and 3taps, a new court opinion makes clear that people are "authorized" under the Computer Fraud and Abuse Act (CFAA) to access a public website. But what the court gave with one hand it took with the other, as it also ruled that sending a cease-and-desist letter and blocking an IP address is enough to "revoke" this authorization.
3taps collects real-estate data from craigslist and makes it available to other companies to use. One of those companies, Padmapper, republished craigslist apartment postings over a map to enable users to view apartment listings geographically, a feature then unavailable on the craigslist site. Craigslist's terms of service prohibits people from "scraping" or copying data from craigslist's site.
When will they ever learn? The Alberta tourism bureau—which shares a law firm with some of the Canadian province's major oil companies—used a copyright takedown notice to try to smother a movie trailer that satirizes Alberta's oil sands project. The two-and-a-half-minute trailer used about four seconds of an Alberta travel advertisement to contrast its lush nature shots with images of environmental destruction in the oil fields, and to satirize its "Remember to Breathe" slogan. These are fair uses that should have been obvious to Travel Alberta's lawyers, and ordering the trailer down earns Travel Alberta a place in EFF's Takedown Hall of Shame.
Update: In response to EFF's FOIA lawsuit, the government has released the 2011 FISA court opinion ruling some NSA surveillance unconstitutional.
For over a year, EFF has been fighting the government in federal court to force the public release of an 86-page opinion of the secret Foreign Intelligence Surveillance Court (FISC). Issued in October 2011, the secret court's opinion found that surveillance conducted by the NSA under the FISA Amendments Act was unconstitutional and violated "the spirit of" federal law.
A Federal Judge in Illinois recently ruled (PDF) that the infringement claims asserted by Helferich Patent Licensing, LLC—the notorious troll who owns patents on sending links to cell phones—did not hold up, all thanks to a doctrine known as "patent exhaustion."
Guardian journalist Glenn Greenwald’s partner David Miranda was detained for almost nine hours by UK border authorities on Sunday under the pernicious Terrorism Act of 2000. He was on his way home from visiting Greenwald’s colleague and journalist Laura Poitras in Berlin. According to news accounts, Miranda was never asked about terrorism while held at Heathrow airport but was asked repeatedly about his partner’s journalism concering NSA surveillance.
In response to EFF's Freedom of Information Act request, the government released today the 2011 FISA Court opinion (redacted) that found part of the National Security Agency's "upstream collection" to be illegal and unconstitutional. Upstream collection is when the NSA gets a copy of Internet traffic as it flows through major telecommunications hubs, and searches through for "selectors," like an email address or a keyword.
Minnesota is the latest state to join the fight against patent trolls. It announced yesterday that it reached a settlement with the "scanner troll," who claims to own the technology for scanning documents to email and has been demanding that companies large and small who use this widely available technology pay up. This settlement follows what appears to be an investigation by the state's attorney general.
De un tiempo ahora se ha vuelto necesario actualizar la forma en que entendemos al derecho internacional de los derechos humanos para dar cuenta de las nuevas tecnologías y técnicas de la vigilancia. La urgencia de esta tarea se ve demostrada por las recientes revelaciones que confirman la vigilancia masiva de individuos inocentes de todo el mundo.
You might remember that in 2011, Congress passed the America Invents Act (AIA), which at the time, was heralded as it was heralded as "the first meaningful, comprehensive reforms to the nation’s patent system in nearly 60 years." You might also have noticed that we haven't talked much about it since then, since the law did next to nothing to really address many of the problems that users, consumers, small companies, and the tech community in general face because of a broken patent system, particularly the patent troll problem.
Since the revelations of confirmed National Security Agency spying in June, three different "investigations" have been announced. One by the Privacy and Civil Liberties Oversight Board (PCLOB), another by the Director of National Intelligence, Gen. James Clapper, and the third by the Senate Intelligence Committee, formally called the Senate Select Committee on Intelligence (SSCI).
When you access a Web site over an encrypted connection, you're using a protocol called HTTPS. But not all HTTPS connections are created equal. In the first few milliseconds after a browser connects securely to a server, an important choice is made: the browser sends a list of preferences for what kind of encryption it's willing to support, and the server replies with a verification certificate and picks a choice for encryption from the browser's list. These different encryption choices are called "cipher suites." Most of the time, users don't have to worry about which suite the browsers and servers are using, but in some cases it can make a big difference.
The Wall Street Journal published an important investigation last week, reporting that the National Security Agency (NSA) has direct access to many key telecommunications switches around the country and “has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans.” Notably, NSA officials repeatedly refused to talk about this story on their conference call with reporters the next day. Instead the Director of National Intelligence and the NSA released a statement about the story later that evening.
Are police allowed to rummage through the contents of a cell phone when a person is arrested? The U.S. Supreme Court is currently deciding whether to grant review in two cases involving the thorny issue. Together with the Center for Democracy and Technology, we've filed an amicus brief with the Supreme Court asking it to grant review in Riley v. California, a case involving the warrantless search of a smartphone incident to arrest.
The annual conference and festival South by Southwest has launched its Panel Picker, inviting the Internet community to help select the panels that will be featured at the next event. There are quite a few panels this year featuring EFF staff members.
We would love to go advocate for digital liberties in Austin next year, so we’re asking our friends and fans to please take a few moments to vote for us.
Here's how you can help:
Step 1: Visit the Panel Picker site and login or register for a new account.
Step 2: Click each of the links below.
Step 3: Click the “thumbs up” next to the panel description.
Step 4: Share this blog post! Suggested tweet: I want to see the @EFF in Austin. Please vote for them in SXSW's Panel Picker: https://eff.org/r.5bZN