EFF recently received records from the Miami-Dade Police Department in response to a Public Records request for information on its drone program. These records provide additional insight into domestic drone use in the United States, and they reinforce the importance of public access to information on who is authorized to fly drones inside US borders.
The COA and the other records EFF received show that Miami-Dade’s drone program is quite limited in scope. The two small drones the MDPD is flying—Honeywell T-Hawks—are able to fly up to 10,000 feet high, can record video or still images in daylight or infrared, and can “Hover and stare; [and] follow and zoom,”(pdf) according to the manufacturer. However, the COA limits their use to flights below 300 feet. The drones also must remain within visual line of sight of both a pilot and an observer and can only be flown during the day. They cannot be flown within the Miami city limits or over any high-rise buildings, populated beaches, outdoor assemblies of people, or heavily trafficked roadways (which seems to severely limit their range).Also, the MDPD has stated it doesn’t use the drones to record incidents or store image files and that the drone is set up to “clear the picture upon the next picture being captured.” (It is not clear from MDPD’s records whether the department has another system set up to retain the image files.)
MDPD sent EFF a copy of its “Standard Operating Procedures” for flying the T-Hawks, though these procedures are still in draft form. However, neither they nor the COA discuss any legal restrictions on flights or information collected to protect privacy or civil liberties. MDPD said in a separate email that the department does not require a warrant or any other form of court process prior to flying the drones.
Although EFF would like to see the MDPD incorporating court oversight into its use of drones, we commend the department for following the example of the Texas Department of Public Safety and being forthcoming about its drone program. We hope the FAA will use these agencies as a model as it prepares its response to EFF’s lawsuit and Freedom of Information Act request for copies of all COAs the agency has issued to fly drones domestically.
The United Arab Emirates signed a deal with telecommunications company, Etisalat, to embed citizens' national ID information into mobile phones. They will now be exploring a system that would utilize an NFC or Near Field Communication application, which allows cell phones to communicate data via radio frequency within very close range. The UAE has had a national ID system since 2004, with IDs carrying a chip similar to one on a credit card and holding a person's name, birthday, gender, photograph, fingerprint, and ID number.
Etisalat, based in the UAE, has had a history working with the Emirati government on various initiatives. Notably, the company helped the government develop surveillance malware to be installed on Blackberry devices. However, it was quickly revealed that the "network upgrade" in disguise was in fact meant to spy on its mobile users.
EFF has long opposed national ID systems because they are fraught with potential abuse in every aspect of their creation and operation. Not only is it extremely costly to implement, the risk of fraudulent and flawed identification cards is very serious: these cards needs to distributed on such a scale that even a small percentage of errors could cause major social disruption. Moreover, such a mass collection of data leaves a high potential for abuse by both private and public actors.
Since carrying an ID card is mandatory in the UAE, this may mean that Emirati citizens may begin to be required to carry their phones on them at all times. Their objectives for working towards implementing this system currently unknown. However, integrating personal data with mobile phones can only bring trouble.
47% of All Internet Users Experience Censorship, Says OpenNet Initiative
According to the OpenNet Initiative (ONI)--a joint initiative of Harvard University, the University of Toronto and the SecDev Group--47% of the world's Internet users experience some form of fractured Internet. ONI bases their research on technical testing in 74 countries, 42 of which the researchers found engage in "some form of filtering of content." Though the aforementioned statistic (47%, or 960 million Internet users) includes countries like Morocco that engage only in "selective" blocking of websites, 31% of the world's Internet users live in countries that engage in "substantial" or "pervasive" online censorship.
Vietnam Aiming to be Enemy #1 (of the Internet)
Vietnam--which has been named an "enemy of the Internet" by Reporters Without Borders two years in a row--appears to be vying for first place on that list, in light of two recent news items. The first is a report that claims that the trial of eleven detained activists, including several bloggers, is "imminent." The report, from Radio Free Asia, calls the charges against the activists as "part of a larger crackdown" on activists and citizen journalists in the country.
In separate news, a brief from exiled political organization Viet Tan outlines a new decree by Vietnam's government that would require Internet users to register with their real names. In addition, it would require foreign Internet companies to relocate their data centers and establish local offices in Vietnam. According to Viet Tan, "These new rules could have serious consequences for companies such as Google and Facebook which have millions of Vietnamese users but are not physically located in the country." The draft decree, which can be found on Viet Tan's website, is dubbed "Decree on the Management, Provision, Use of Internet Services and Information Content Online."
EFF will be closely following the developments surrounding this proposed decree.
Iran Denies Plans to Cut Off Citizens from Internet
While Iran has not backtracked on its plans for a "halal Internet", this week Iranian authorities condemned a rumor that the country was planning to cut its citizens off from the global Internet by August. While that's all well and good, as MSNBC points out, "a firewalled Internet, much like those in China and North Korea, is not propaganda. In Iran, it's not a matter of if, but when."
Chinese Internet Users Cut Off--Briefly--From the World
For more than an hour on Thursday, Chinese Internet users were cut off from the global Internet, while Chinese sites were inaccessible from users outside of mainland China. While the cause of the blackout has not yet been determined, several media outlets theorized that it was either a result of the massive earthquakes near Sumatra (that may have damaged an undersea cable) or that the "Great Firewall" was undergoing routine maintenance.
Raise a glass with us and discover our latest work protecting digital innovation, privacy, and free speech, and learn more about the continuing fight to defend your freedom online. EFF's Speakeasy events are free, informal meetups that give you a chance to mingle with local members and speak with the people behind the world's leading digital civil liberties organization. It is also our chance to thank you, the EFF supporters who make it possible.
SPEAKEASY: BOSTON EFF Members-Only Happy Hour
Thursday, April 19, 2012 from 6-8 PM
Current donors in the Boston Area received an email invitation with location details on Tuesday, 4/10. Space is limited, so reserve your spot. If you are traveling through Boston that day and would like an invitation, contact firstname.lastname@example.org.
Not a member yet? Help defend our future when you join today!
New Yorkers: Worried about whether you will have a right to watch local TV broadcasts on your Internet devices? Aereo is a company that lets users watch their local channels by renting a dime-sized antenna at Aereo's facility - one per customer. The signal from that antenna gets sent over the Internet to a single user. In effect, the company moves the "rabbit ears" antenna from the top of your TV set to a central facility. Aereo, like the VCR, the DVR, and many other video technologies, simply lets people watch the TV shows they already have a legal right to watch at different places and times, and on different devices. And just like they did with many of those technologies, copyright owners are suing to shut it down. Aereo is beingsued by TV networks and stations who claim that providing antennas to individual TV watchers in their home city is a "public performance" that infringes copyright.
EFF wants to hear from Aereo customers as we explore how to keep broadcast TV free. If you are an Aereo customer, live in New York City, and want your voice heard, please send EFF an email at email@example.com. Tell us about how you use Aereo and why you think it should stay legal. The public airwaves belong to you - help us protect your right to access them when and how you choose.
Informal negotiations are underway in Chile this week on the Trans-Pacific Partnership Agreement (TPP). Up for negotiation are provisions dealing with intellectual property – including online copyright enforcement, DMCA-style digital locks, and Internet intermediary liability.
TPP countries are holding informal inter-sessional discussions this week to nudge countries closer to agreement on the controversial intellectual property provisions ahead of the next formal round of negotiations in May. While there is no public stakeholder forum, legal academics and civil society experts from various TPP countries are holding an informative seminar tomorrow [PDF] to highlight how leaked TPP texts would harm access to knowledge and affordable medicine.
The USTR has announced the dates for the next round of formal negotiations to take place in Dallas from May 8th through 18th 2012. However, unlike previous negotiation rounds, there will be no forum for stakeholders to present their views to the assembled TPP country negotiators. Instead, stakeholders are being asked to register their interest in sponsoring a table to provide negotiators who might so happen to stroll past with information on particular topics. The US Trade Representative’s Office has said it wants to finalize TPP by July.
UPDATE: There is a change of venue. It is now being held at Centro De Extension in Universidad Catolica, Sala Colorada (Alameda 390, Santiago). For more information go to the venue's website.
Now is the time to make your voice heard! Contact your Congressional representative to demand that the USTR release the IP text that it has provided to other TPP negotiating countries and the rightsholder industry representatives on the Industry Trade Advisory Committee on IP for public comment.
Police shouldn’t be able to get your sensitive location data – information that can reveal your religion, health, hobbies, and politics – on a whim. That’s why EFF is a sponsor of a new bill in the California legislature that would ensure law enforcement obtains a warrant before acquiring a person’s location information from an electronic device like a cell phone.
Senate Bill 1434, introduced by California Senator Mark Leno, follows the lead of the U.S. Supreme Court, which recently ruled that it was unconstitutional for police to install a GPS device on someone’s car without a warrant. But GPS vehicle tracking isn’t the only way to collect details on where you are and when. Our cell phones create a location data trail throughout the day as they ping nearby cell towers. Many other devices – like tablets – do the same, while mobile apps and other tools can collect even more detailed location information.
This data is a powerful tool for law enforcement, and should be available to police when it’s appropriate. But this information is extraordinarily sensitive, revealing things like your place of worship, if you are visiting a medical clinic, and who you visit and meet with. We can’t have police making decisions about who to track without any oversight – yet that’s exactly what’s happening. New data from the ACLU shows that law enforcement agencies across the country are collecting location data without a warrant or any court approval. Maybe these investigations are legitimate, or maybe in some cases police officers just have a bone to pick with a local resident. We can’t be sure that police aren’t abusing location tracking unless we require them to get a warrant. That’s why the bill also includes a reporting requirement, so we can keep track of who is getting this information and how often it’s being requested.
EFF and the ACLU of Northern California are teaming up to back SB 1434, and we hope you will too. The bill is set to be heard in policy committees in the Senate early this spring.
The Polish digital civil rights group Panoptykon Foundation recently published harrowing findings regarding abuses of Poland’s mandatory data retention law. Using a Freedom of Information Act request, Panoptykon obtained documents that reveal that in 2011, Polish authorities requested users’ traffic data retained by telcos and ISPs over 1.85 million times—half a million times more than in 2010. These findings underscore fundamental flaws in the Polish mandatory data retention law that was fast-tracked in legislation without public debate in 2009.
The law allows authorities to use the retained data in an almost limitless range of scenarios, including petty civil offenses and minor criminal investigations. Moreover, Polish authorities—ranging from law enforcement to intelligence agencies—can access the retained data without independent oversight and at no cost. Rather than require authorization from an independent judge, the law permits access to the data through a simple written or oral request authorized by the head of the Central Anticorruption Bureau, the Polish intelligence agency on anticorruption.
In addition, law enforcement agencies have no obligation to inform citizens that their privacy has been compromised. Under the law, though, telcos and ISPs are obliged to report annually to the Polish government the total number of requests received from law enforcement agencies. Using this provision, Panoptykon was able to acquire useful but ultimately incomplete statistics on government authority access to the retained data. Notably, the data doesn't indicate how often and for what purposes the data was accessed, making it impossible to assess whether this privacy-invasive law can be justified at all. Interestingly, the problem of excessive flawed government requests seems expand beyond the data retained by telcos and ISPs.
As in Poland, people everywhere are constantly relying on mobile companies and cloud services to communicate and store their most precious information on the network. We are leaving digital footprints at every moment that reveal the most sensitive information of our daily lives. As a result, governments are increasingly interested to access this vast amount of information. This seems to be the case in Poland. According to the Google Transparency Report within the period of January-June 2011, Google received 266 requests from Polish authorities to hand over Google’s users data. Of these, Google deemed less than 11% to be compliant with domestic laws. This is a far lower rate than in most European countries, making Poland second only to Hungary as the country with highest percentage of flawed government access requests.
To add insult to injury, Polish media reported two major cases where intelligence agencies used retained traffic and subscriber data to illegally disclose journalistic sources. For the first time, one of the affected journalists—Bogdan Wroblewski—has sued the Polish Central Anticorruption Bureau in a civil court to fight for his rights. Panoptykon intervened in the case arguing against the overbroad competence of the Polish Bureau. Wroblewski may have become a subject of interest to the Bureau after the publication of his articles describing the Bureau's activities. The next hearing will be held on April 12, 2012 in Warsaw.
For two years, Panoptykon and several other Polish groups have tirelessly fought against data retention mandates in Poland. Due to public pressure and increased media scrutiny, the Polish government announced last year a set of amendments to the law. Currently, Polish discussion is currently “in pause” after last year’s Polish elections but the public debate continues.
European Data Retention Directive
The Polish law originated as the misshapen offspring of the 2006 European Data Retention Directive. The highly controversial Directive obliged European Member States to adopt legislation to compel all ISPs and telcos operating in Europe to retain subscribers’ incoming and outgoing phone numbers, IP addresses, location data, and other key telecom and Internet traffic data for a period of 6 months to 2 years.
Panoptykon Foundation’s Executive Director Katarzyna Szymielewicz argues that Poland’s implementation of the Data Retention Directive is one of the worst in Europe with regard to privacy and transparency:
Polish data retention law goes even beyond what is permitted in the European Data Retention Directive. The retained data can be used for both general crime prevention purposes and civil cases. It therefore comes as no surprise that the number of government data requests operators receive has been constantly increasing. The situation will not get better unless we change the law.
Currently the European Commission is carrying out an impact assessment of the Directive, and has announced its intention to propose a revision of this infamous instrument. For now, the Commission has failed to demonstrate that this legislation is necessary and proportionate. Under the EU Charter on Fundamental Rights, the Directive will only be legal if both requirements are met. These requirements are important to ensure that Member States do not adopt severe legislative measures to address a problem that could otherwise be solved in a way that is less harmful to civil liberties. While the Commission is responsible to evaluate its compliance with EU law based upon evidence, they have continued to blindly support the Directive.
EFF, Panoptykon, and 27 other NGOs are a member of European Digital Rights (EDRI), a Brussels-based NGO fighting to repeal the European requirements regarding data retention in favor of a system of expedited preservation and targeted collection of traffic data. EDRI states:
The lack of data from the Member States has driven the Commission into the worst possible position, with no hope of support from Member States to repeal the Directive, no hope of data from the Member States to prove that data retention is necessary (because no such data appear to exist) and no legally defensible possibility to maintain the Directive as it is… The time has come for the Member States to either provide the data to prove their claim regarding the Data Retention Directive or for the Commissioner to take the only legal option available to her, to stand up to the Member States and the repeal of the Directive.
EFF supports EDRI’s call in urging the Commission to overturn this disproportioned mass surveillance legislation. This step would stop the ongoing violation of 500 millions of innocent Europeans, and prevent Member States such as Poland from using the Directive to legally justify this irrational massive collection and overbroad use of people's data.