EFF on Wednesday asked a Washington state trial court to lift its order that forced the public records website MuckRock to take down documents one of its users had lawfully obtained.
The motion EFF filed on behalf of MuckRock and its co-founder, Michael Morisy, argues that the court order requiring the site to de-publish these public records was an unconstitutional prior restraint.
“This Court must dissolve the Temporary Restraining Order, which requires the removal of lawfully obtained material that was publicly available to the world for more than a month because it violates MuckRock’s free speech rights under both the Washington and U.S. Constitutions,” EFF wrote.
An EFF Investigation Finds NIST/FBI Experimented with Religious Tattoos, Exploited Prisoners, and Handed Private Data to Third Parties Without Thorough Oversight
Tattoos are inked on our skin, but they often hold much deeper meaning. They may reveal who we are, our passions, ideologies, religious beliefs, and even our social relationships.
That’s exactly why law enforcement wants to crack the symbolism of our tattoos using automated computer algorithms, an effort that threatens our civil liberties.
Right now, government scientists are working with the FBI to develop tattoo recognition technology that police can use to learn as much as possible about people through their tattoos. But an EFF investigation has found that these experiments exploit inmates, with little regard for the research’s implications for privacy, free expression, religious freedom, and the right to associate. And so far, researchers have avoided ethical oversight while doing it.
There's an action movie cliché in which a cop inspects the body of a felled assassin or foot soldier and discovers a curious tattoo that ultimately leads to a rogue black-ops squadron, a secret religious sect, or an underground drug trafficking ring.
The trope isn’t entirely Hollywood fantasy, but the reality of emerging tattoo recognition technology is closer to a dystopian tech thriller. Soon, we may see police departments using algorithms to scrape tattoos from surveillance video or cops in the field using mobile apps to analyze tattoos during stops. Depending on the tattoo, such technology could be used to instantly reveal personal information, such as your religious beliefs or political affiliations.
EFF and over a dozen other organizations are urging U.S. lawmakers to oppose a dangerous bill proposed by Sens. Sheldon Whitehouse and Lindsey Graham that would make the already-flawed Computer Fraud and Abuse Act (CFAA) worse. The joint letter sent Wednesday explains that the legislation fails to address any of the CFAA’s problems while simply creating more confusion. Although the proposal is ostensibly directed at stopping botnets, it includes various provisions that go far beyond protecting against such attacks.
A new agreement between the European Commission and four major U.S. companies—Facebook, Google, Twitter, and Microsoft—went into effect yesterday. The agreement will require companies to “review the majority of valid notifications for removal of hate speech in less than 24 hours and remove or disable access to such content,” as well as “educate and raise awareness” with their users about the companies’ guidelines.
The deal was made under the Commission’s “EU Internet Forum,” launched last year as a means to counter what EDRi calls “vaguely-defined ‘terrorist activity and hate speech online.’” While some members of civil society were able to participate in discussions, they were excluded from the negotiations that led to the agreement, says EDRi.
Too often copyright maximalists take the view that if anyone is making money and using a copyrighted work, no matter how or how minimally, then the copyright owner should get a cut. That’s the attitude that has pushed, among other things, a “clearance culture” in music sampling, a belief that permission is needed to create something new that includes samples.
The Fourth Amendment’s warrant requirement is a key protection against invasive government searches, but getting a warrant doesn’t solve every problem that can arise, particularly with searches for digital data. When the government has a warrant to search for specific files on a computer, courts may permit it to copy more than just those files in order to conduct a thorough search. Even so, the Fourth Amendment does not allow the government to hold on to this extra data for several years, which is exactly what it did in United States v. Ganias, a case decided by the Second Circuit Court of Appeals last week.
A court in Seattle has lifted an order that required our client MuckRock to remove documents one of its users obtained from a public records request.
Agreeing with EFF, King County Superior Court Judge William Downing ruled that the previous order amounted to a prior restraint on speech that violated the First Amendment, and rescinded it along with denying plaintiffs’ request to extend it.
The upshot is that MuckRock and its co-founder, Michael Morisy, are no longer prohibited from publishing two documents the court had previously ordered the website to take down.
Three years ago today, the world got powerful confirmation that the NSA was spying on the digital lives of hundreds of millions of innocent people. It started with a secret order written by the FISA court authorizing the mass surveillance of Verizon Business telephone records—an order that members of Congress quickly confirmed was similar to orders that had been issued every 3 months for years. Over the next year, we saw a steady drumbeat of damning evidence, creating a detailed, horrifying picture of an intelligence agency unrestrained by Congress and shielded from public oversight by a broken classification system.
What is EFF worried about?
The W3C effort to standardize Encrypted Media Extensions (EME, part of the Media Extensions Working Group) marks a new era in W3C standardization. For the first time, implementations of a W3C standard will be covered by "anti-circumvention" laws such as the Section 1201 of the US DMCA; European laws that implement Article 6 of the EUCD; and Canada's Bill C-11.
These laws have been used by companies and rightsholders to threaten security and privacy researchers who came forward to report defects in their products. These laws may also create legal risks for entities who independently implement EME-compatible systems.
In an attack on ad-blocking software, the Newspaper Association of America filed a complaint with the Federal Trade Commission last week, asking the agency to ban a variety of functions, including “evading metered subscription systems and paywalls,” and ad substitution. NAA also called into question new business models that aim to replace online advertising. Newspapers are concerned about the effects that ad-blockers may have on their revenues and their ability to understand and market to their readership. But some of what NAA is asking for would threaten important and widely used privacy software, like Tor and EFF’s own Privacy Badger, and chip away at Internet users’ ability to control their own browsing experience.
Congress has no business approving government programs that neither it nor the public understands. Yet policymakers have repeatedly authorized surveillance activities without doing their homework. Over the eight years since enacting reforms to the Foreign Intelligence Surveillance Act (FISA), Congress has failed to gain a functional understanding of NSA Internet surveillance, and has never even considered its impacts on democracy.
The Illinois Biometric Privacy Statute Survived a Recent Attack. But the Struggle Continues.
Supporters of unregulated corporate facial recognition systems are waging a sneak attack against our nation’s strongest protection of biometric privacy. On one side are business interests seeking to profit by using invasive facial recognition technologies to identify and track vast numbers of people without their consent. On the other side are EFF and many other digital privacy and consumer rights organizations. Our side won the latest round. But the future of biometric privacy will require all of our constant vigilance.
The bill now sits with the State Senate Judiciary Committee and must be defeated.
California's A.B. 2880 will give government agencies the power to put copyright restrictions on their work. That means state bureaucrats will be able to wrap their reports, research, e-mails, and even videos of public meetings in onerous legal restrictions, backed by federal lawsuits and six-figure penalties. The bill would change California from one of the most open state governments to one of the least open. EFF opposed the bill and explained its dangers to the State Assembly.
Californians, tell your lawmakers to oppose this dangerous bill.
We are proud to announce the return of EFF's Badge Hack Pageant at the 24th annual DEF CON hacking conference in Las Vegas. EFF invites all DEF CON attendees to stretch their creative skills by reinventing past conference badges as practical, artful, and over-the-top objects of their choosing. The numerous 2015 pageant entries included a crocheted badge cozy, a quadcopter, counterfeit badges, a human baby, a breathalyzer, a dazzling array of LED shows, and more than one hand-made record player that would make MacGyver weep.
“The current Web is not private or censorship-free.” That matter-of-fact bug report provides the reason for the first ever Decentralized Web Summit, taking place this week at the Internet Archive in San Francisco. EFF is participating in the festivities, and whether you’re following along in person, on the live stream, or online, we hope these highlights can bring a bit more of the conversation to you.
The day started with a kickoff by Wendy Hanamura, Director of Partnerships at the Internet Archive, welcoming all of the “great builders of the next decentralized web.” She then handed the stage to Mitchell Baker, Executive Chairperson of the Mozilla Foundation.
People who don't like what's said about them on the Internet can't bypass important protections for online speech by demanding the copyright to objectionable comments, EFF argues in a new amicus brief filed together with Public Citizen and Harvard's Cyberlaw Clinic. The underlying case, now before the United States Court of Appeals for the First Circuit, implicates key principles for online free speech and the rights of those who use online speech platforms.
The afternoon session of the Decentralized Web Summit started with a rousing call to action by EFF’s own Cory Doctorow, who started by talking about…Oreos. More specifically: if you want to lose weight, you start by throwing away your bag of Oreos, so that when it’s been a long day and you’re exhausted and you’re craving a snack, they’re not there to tempt you. This is what’s called a “Ulysses Pact,” something you do when you’re strong and at your best, so that you can avoid giving in to temptation and compromise when you’re at your worst.
A European Commission proposal to give new copyright-like veto powers to publishers could prevent quotation and linking from news articles without permission and payment. The Copyright for Creativity coalition (of which EFF is a member) has put together an easy survey and answering guide to guide you through the process of submitting your views before the consultation for this "link tax" proposal winds up on 15 June.
The Ethiopian government has passed a dangerous cybercrime law that criminalizes an array of substantive computer activities including the distribution of defamatory speech, spam, and pornography online among others offenses. The law, dubbed the “Computer Crime Proclamation,” was passed, the government says, in an effort to more accurately attune the country’s laws to technological advances and provide the government better mechanisms and procedures to "prevent, control, investigate, and prosecute the suspects of computer crimes."
The Trans-Pacific Partnership (TPP) has never been on a shakier footing, given widespread (and well justified) public mistrust of the process and the outcome, opposition from all of the Presidential candidates, and to top it all off a decidedly lackluster forecast even from the administration's own International Trade Commission. Is it too much to hope that the TPP is on its last legs?
The Bill Is a Great Step for Government Transparency
The U.S. government has made huge strides in its open data practices over the last few years. Since it launched in 2009, data.gov has become a crucial source for everything from climate and agricultural data to Department of Education records. For the most part, this new era of data disclosure didn’t happen because Congress passed new laws; it happened through presidential orders and procedural improvements in the Executive Branch.
Unfortunately, it might be just as easy for future administrations to roll back the current open data program. That’s why EFF supports a bill that would mandate public access to government data and urges Congress to pass it.
A bipartisan group of House members are preparing to introduce measures widely supported by their colleagues that would rein in NSA domestic surveillance and protect encryption. But a change in procedure adopted by the House leadership may deny the House a chance to even consider their proposal.
Law enforcement agencies should not expand their electronic surveillance capabilities until they have addressed core problems of corruption, incompetence, poor oversight, and inadequate training.
Echoing concerns long raised by EFF, that’s the message the U.S. Department of Justice (DOJ) sent the Calexico Police Department (CPD) following a years-long investigation into alleged corruption by officers.
Congress has passed reforms to the Freedom of Information Act, which EFF hopes signals the beginning of a larger overhaul of the transparency law that will mark its 50th birthday in July.
Earlier this year both chambers passed dueling FOIA reform bills. The House passed the FOIA Oversight and Implementation Act (H.R. 653) in January, while the Senate approved it's own version – the FOIA Improvement Act of 2016 (S. 337) – in March. On Monday, the House approved the Senate bill, which will head to President Obama. He has previously indicated that he would sign it.
In a crucial win for Internet users, today a federal appeals court upheld [PDF] clear net neutrality rules that will let us all use and enjoy the Internet without unfair interference from Internet service providers. The rules will keep providers from blocking or slowing traffic, or speeding up traffic for those who pay.
Last year, EFF and other advocacy groups, along with millions of Americans, called on the FCC to do its part to defend Internet expression and innovation. We urged them to adopt focused rules based on a legal framework that would finally stand up to the inevitable legal challenge, but also limit their own authority in order to help prevent a future FCC from abusing its regulatory power. The FCC responded with an Open Internet Order that largely did just that.
EFF’s team of fearless lawyers defends your rights on the frontlines of technology and the law, from police stops on the street to arguments in the courtroom to the halls of government where policies are ground out. EFF’s latest hire, Criminal Defense Staff Attorney Stephanie Lacambra, is a fierce and accomplished public defender who will lend her unique expertise to our ongoing and emerging battles against law enforcement and prosecutorial overreach.
I sat down with Stephanie to learn more about her story up until now and where she hopes this new endeavor will take her.
What kind of cases did you work on before joining EFF?
Last week, Santa Clara County—which encompasses much of Silicon Valley—set a new standard in local surveillance transparency after months of activism by residents and allies from across the Bay Area. Their efforts, and the policy it enabled, suggest an overlooked strategy in the national battle to curtail unaccountable secret mass surveillance.
Today the federal Government Accountability Office (GAO) finally published its exhaustive report on the FBI’s face recognition capabilities. The takeaway: FBI has access to hundreds of millions more photos than we ever thought. And the Bureau has been hiding this fact from the public—in flagrant violation of federal law and agency policy—for years.
It is time for the agency to use its authority to protect consumer privacy.
The Federal Communications Commission (FCC) is collecting comments from the public about how the laws that govern consumer privacy over broadband networks should be applied. In its response, EFF has called on the FCC to ensure that the legal obligations of Internet Service Providers (ISPs) to their customers are clearly established and that the agency prohibits practices that exploit the powerful position ISPs hold as gatekeepers to the internet.
The Second Circuit has released its long-awaited opinion in Capitol Records v. Vimeo, fully vindicating Vimeo’s positions. EFF along with a coalition of advocacy groups, submitted a friend-of-the-court brief in the case, supporting Vimeo.
The Second Circuit considered three important issues. First, whether a service provider could rely on the DMCA safe harbor when it came to pre-1972 sound recordings. Second, whether evidence of Vimeo employees watching certain well-known songs was enough to create “red flag” knowledge that the videos were infringing. And third, whether Vimeo was “willfully blind” to infringement occurring on its service.
For each of these issues, the Second Circuit ruled for Vimeo.
EFF Calls for a Day of Action on June 21. Please join us.
The Department of Justice is using an obscure procedure to push through a rule change that will greatly increase law enforcement’s ability to hack into computers located around the world. It’s an update to Rule 41 of the Federal Rules of Criminal Procedure. If Congress does nothing, this massive change will automatically go into effect on December 1.
EFF, the Tor Project, and dozens of other organizations concerned about the future of our digital security are taking a stand for users everywhere. We’re organizing a campaign and day of action to speak out against the changes to Rule 41.
But we can’t do it alone. If you run a website, we need your help.
Next week, the House Judiciary Committee will finally hold a hearing on the SPEAK FREE Act (H.R. 2304), over a year after the bill was introduced in the Congress. We support the SPEAK FREE Act, which would help protect victims of strategic lawsuits against public participation, commonly known as SLAPPs.
Warrants are not difficult to secure when appropriate. They prevent the government from abusing its powers, as it repeatedly has in the past.
EFF celebrates the anniversary of the Supreme Court’s landmark decision in Alice v. CLS Bank. In Alice, the court ruled that an abstract idea does not become eligible for a patent simply by being implemented on a generic computer.
It’s time to lift the cloak of secrecy that has until now shielded the NSA from judicial scrutiny. EFF served the agency with information requests late last week in Jewel v. NSA, EFF’s signature case challenging government surveillance. Since we filed the case in 2008, leaks about government spying—much of which have been confirmed by intelligence agencies—have vindicated our claims that the U.S. government is and was illegally spying on millions of innocent Americans. Now, we are seeking answers to basic questions about the nuts and bolts of the government’s Internet and telephone mass surveillance programs.
Today at the OECD Ministerial Meeting on the Digital Economy in Mexico, the Global Commission on Internet Governance released its final report, One Internet. Despite its important-sounding name, the Commission is not an official body, but a think tank convened in 2014 by the Center for International Governance Innovation (CIGI) and Chatham House, composed of a diverse panel of 29 invited experts from industry, government, academia, and civil society (including EFF Pioneer Award recipient Anriette Esterhuysen).
It's Not Too Late to Write to Congress About the Disastrous Rule Change
What happens when you try to push a dangerous policy through without the Internet noticing? The Internet fights back.
A few days ago, we warned of an impending rule change that would dramatically increase law enforcement’s authority to hack into computers. We encouraged people, organizations, and companies to add a special banner to their websites for one day, calling on Congress to stop the updates to Rule 41 of the Federal Rules of Criminal Procedure.
Update June 22, 2016: The Senate failed to pass an amendment to expand the FBI's National Security Letter powers and to make the "lone wolf" provision of the Patriot Act permanent; however, the amendment will probably be voted on again soon. Senate Majority Leader Mitch McConnell switched his vote to "No" at the last minute so that he may be able to bring up the amendment during future debate. The amendment was included as part of the Commerce, Justice, Science and Related Agencies Appropriations Act, which will have a final vote on the Senate floor later this week. Tell your Senators to Vote NO on the amendment.
You spoke, and the California Legislature listened. We’re happy to report that A.B. 2880 was amended in the State Senate to remove the dangerous sections that EFF and over 25 other organizations opposed. Your messages to the Legislature were vital to this effort.
The prior version of A.B. 2880 that was passed by the State Assembly would have given state government agencies vast new power to assert copyrights and trademarks over government-created work. It also would have added a broad new exemption to the California Public Records Act, the state’s version of FOIA.
Rhode Island legislators recently decided not to advance a bill that would have made that state’s bad “anti-hacking” law even worse. This is good news. But the struggle continues against other vague and overbroad computer crime laws.
In a dangerously flawed decision unsealed today, a federal district court in Virginia ruled that a criminal defendant has no “reasonable expectation of privacy” in his personal computer, located inside his home. According to the court, the federal government does not need a warrant to hack into an individual's computer.
EFF has observed an alarming trend: when certain parties face challenges in attempting to monetize their contributions to copyrighted works, lawmakers often attempt to address it by handing out new copyright-like veto powers. We've dubbed this trend "copyright creep", and it's running rampant all over the world.
Net Neutrality’s Opponents in Congress Are Determined to Defund, Stall, and Hamstring the FCC
Internet users recently enjoyed a historic victory in the United States Court of Appeals for the District of Columbia Circuit where the Federal Communications Commission’s (FCC) Open Internet Order was upheld as lawful. The court swatted down every legal argument made by the cable and telephone industries opposed to a free and open Internet. But in the last few weeks, Congress has relentlessly tried to defund, stall, and hamstring the FCC—even though four million Americans spoke out in favor of the FCC using its legal authority to protect a free and open Internet.
As the debate over the future of the DMCA safe harbors heats up, the US Copyright Office is proposing a plan that could undermine those safe harbors much sooner.
One of the myriad conditions of DMCA safe harbor protection from copyright liability (protection on which thousands of intermediaries rely to survive) is to register an agent to receive DMCA takedown notices. Last month the Copyright Office announced that it would finally be implementing a new, much cheaper and streamlined electronic registration process.
But there’s a catch.
On June 23, Amnesty International—along with IFEX, Human Rights Watch, FIDH, and seven other organizations—issued a joint statement on the “existential threat” faced by Egyptian civil society. In recent months, the statement reads:
Many people working with non-governmental organisations (NGOs) have been detained and ill-treated, charged with offences under the draconian Counter-terrorism law, or subject to a judicial request to ban them from travel and freeze their assets.
The best legal minds in the Bay Area gathered to participate in EFF's 9th Annual Cyberlaw Trivia Night on June 16. Over 100 friends from 20 technology law firms and Internet companies attended, making for a rousing night vying for the coveted Cyberlaw Quiz Cup. EFF's staff joined forces to craft questions, pulling details from the rich canon of privacy, free speech, and intellectual property law, creating seven rounds about privacy and speech, encryption case law, fair use in music, and more.
Competition was fierce this year, with the top four teams separated by just one point. The tiebreaker round involved very challenging questions, including one about a court decision published just hours earlier, in Capitol Records v. Vimeo.
The Supreme Court decided two patent cases and one copyright case this month. If the three cases have a unifying theme, it is that the Supreme Court gave more deference to fact-finding tribunals, whether that is the Patent Office or district courts. We discuss each of the three rulings below.
Halo Electronics v. Pulse Electronics
TL;DR: The Supreme Court gives district courts more discretion to impose enhanced damages in patent cases.
Last week, the U.S. Supreme Court took away a little more of your right to be free from unlawful police searches. In a 5-3 decision in Utah v. Strieff, the Court held that if the police illegally stop and search you, they can use against you any evidence they find, as long as they determine—after they’ve stopped you—that you’re one of the 7.8 million Americans with an outstanding arrest warrant.
Justice Sonia Sotomayor wrote a fiery and spot-on dissent that forcefully demonstrates the troubling links between racial discrimination, police stops of pedestrians and motorists, arrest warrant databases, and out-of-control police surveillance technologies.
The Strieff Majority Undermined the Exclusionary Rule