In response to ongoing protests, Egyptian president Hosni Mubarak ordered a shutdown of all Internet access for five whole days, from January 28 to February 2, but social media and news continued to flow in and out of the country thanks to a group of protagonists dedicated to supporting the flow of information.
EFF board member and co-founder John Gilmore once described the technical robustness of the Internet against censorship by saying: "The Internet interprets censorship as damage and routes around it." Egypt's Internet blackout demonstrated an additional dimension to this adage: that the Internet's anti-censorship features are enhanced by, and to some extent may depend upon, the willingness of individuals and companies to stand up for free expression.
Governments throughout the world are coming to know that citizens' ability to get and give information through the Internet is dependent upon "weak links," and that the most effective route to silencing communications is to lean on a weak link. This is how the Egyptian Internet blackout was carried out: Nearly all of the major ISPs in EgyptLink Egypt, Vodafone, Telecom Egypt, Etisalat Misr, and Internet Egypt Networktook their services offline within minutes of each other, ostensibly under some kind of pressure from the Egyptian president, Hosni Mubarak. Vodafone issued a statement claiming that they had acted at the behest of the Egyptian government, and the company would later issue a similarly anemic statement after being forced to send pro-Mubarak SMS messages to their customers.
While corporations can be put in a difficult situation when pressured by governments to take actions that violate the rights of their customers, ISPs should not be let off the metaphorical hook with the lame, dangerous excuse of "just following orders." There is a growing awareness that companies have significant public interest responsibilities and should be held accountable for the impact they have on human rights.
The vulnerability of "weak links" is something Internet freedom advocates have been worried about for a long time; it's baked into the architecture of the Internet and there's no easy answer. However, the Egypt Internet blackout demonstrated a strength of the Internet in terms of circumventing censorship—that the Internet is highly amendable to the establishment of "quick links," the kind of relatively easy, quick-and-dirty solutions that get devices and communications content itself onto the Internet.
For example, France Data Network (FDN) and Telecomix News Agency responded by providing dial-up access to Egyptians during the Internet blackout. In a press release, FDN characterized the blackout as an "open attack from a state against the Internet" and offered its dial-up services to Egyptians with analog phones that could call into France as a way of helping to support freedom of expression. Telecomix News Agency, an organization devoted to informing the public about Internet freedom issues, also provided dial-up access as well as extensive technical support. In spite of the government's autocratic control over Egyptian ISPs, the quick, principled establishment of alternatives was able to keep information flowing.
Another example of a "quick link" is Speak2Tweet, the Google/SpeakNow project which gave Egyptians an alternative way to make their voices heard during the Internet blackout. Within a couple of days, the Speak2Tweet service allowed Egyptians to use telephones to leave voicemail messages, which were then posted to Twitter. Egyptians have used the service to leave thousands of voicemails, some of which have been translated into English.
However, at the core of all of this effort to promote free expression with technology is the bravery and dedication of the Egyptian protesters. Though the Internet blackout impaired Egyptians' ability to coordinate and communicate, protests continued in Cairo, Alexandria, and Suez with record turnout. All of the work to protect and enable free expression in the face of powerful government censorship actions would have been useless if Egyptian protesters had been cowed into staying home. While the role of technology in these revolutions is being hotly debated, what matters the most is people, their safety, and their rights, and that the best communication toolsfor activists or otherswill serve those ends without compromise.
UPDATE (2/9/11): In another move to fast-track PATRIOT Act renewal before three of its most controversial provisions expire at the end of the month, the House is expected to call another vote on a PATRIOT reauthorization bill any day now. Unlike the two-thirds majority that would have been needed to pass the measure on Tuesday, the next vote will only require a majority to pass. Your voice is needed now more than ever.Act now - contact your Representatives and tell them not to rubber-stamp the PATRIOT Act extension!
Today in the U.S. House of Representatives, an unlikely alliance of House Democrats and Republicans stood up for civil liberties and successfully beat back a fast-track attempt to reauthorize the USA PATRIOT Act without the much-needed checks and balances EFF has championed.
The renewal bill voted on today would have extended three dangerous surveillance provisions in the PATRIOT Act until December 2011, provisions that are otherwise set to expire at the end of this month. In order to pass under the fast-track procedure adopted by House leadership to prevent the introduction of any reform-minded amendments, the bill would have had to garner a two/thirds majority--that is, 290 votes. The renewal effort narrowly failed on a final vote of 277 Yeahs to 148 Nays, thanks to the staunch opposition of Democratic leaders and an insurgent movement of freshman Republican Representatives and "Tea Party" conservatives who were unwilling to rubber-stamp the PATRIOT renewal.
Rep. Dennis Kucinich (D-Ohio), one of the most consistent anti-PATRIOT voices, once again voiced his opposition to PATRIOT renewal today, voicing concerns about the civil liberties implications of the proposal:
The Patriot Act is a destructive undermining of the Constitution. How about today we take a stand for the Constitution to say that all Americans should be free from unreasonable search and seizure, and to make certain that the attempt to reauthorize the Patriot Act is beat down.
The House Judiciary Committee's ranking Democrat, John Conyers (D-Michigan), has been just as outspoken, calling the PATRIOT Act "One of the worst laws this body has ever passed."
Meanwhile, some new Republican Representatives refused to vote for the bill both out of concerns about the bill and frustration at the rushed renewal process. Rep. Todd Rokita (R-Ind.), one of the Republican freshman who voted "no", complained that he “didn’t know anything about (the vote) until today.” Rokita continued:
In a free society you have to be very careful as to taking away the civil liberties of the American people.... Even if the bill is well intentioned and the law is well intentioned it can be used against innocent people. So that was my concern.
While today’s vote was a victory for civil liberties, we are not yet free of the expiring surveillance provisions or the PATRIOT Act itself. The White House is advocating for reauthorization of the PATRIOT Act until December 2013, and Congessional leaders in both the House and the Senate are determined to pass some sort of PATRIOT renewal bill before Congress leaves for recess at the end of next week. So please stay tuned to our action center to learn how you can speak out for civil liberties in the crucial weeks ahead--and thank you to everyone who acted to help stop today's PATRIOT Act sneak attack!
One of the major problems with the mass copyright lawsuits we seen over the last year is that the judges hearing the cases often aren’t aware of the full legal and practical context of the litigation. That’s because they are asked to make important decisions (e.g., whether to allow the plaintiffs to send out subpoenas for the Does’ identities) before any of the defendants have had a chance to point out the fundamental flaws in the plaintiff’s case.
Last Friday, Electronic Frontier Foundation and its co-amici Public Citizen, American Civil Liberties Union and ACLU of the Nation’s Capital took one more step toward addressing that problem for one of the cases in the District of Columbia, Call of the Wild v. Does 1-1062. This is actually one of the earlier troll cases: it was originally filed in March of last year, with the U.S. Copyright Group acting as counsel for the plaintiff. In June, EFF submitted an amicus brief noting critical due process and speech problems with the lawsuit. In January, the case (and several other mass copyright cases) was transferred to a new judge, Judge Beryl A. Howell. Shortly thereafter, USCG submitted a response to our brief.
We decided to submit a further brief, because we thought Judge Howell might like to know about various recent developments, such as the fact that federal judges in West Virginia and California have recognized that it is improper to join thousands of people in one lawsuit based solely on the fact that they all allegedly used the same software protocol to share one or more copyrighted works. We urged Judge Howell to take a similar approach and also explained that the plaintiff had failed once again to meet its burden of establishing jurisdiction and to meet the leading test for obtaining a Doe’s identifying information. Finally, we corrected the record regarding measures Judge Rosemary Collyer has taken in similar cases in the District of Columbia to dismiss defendants who had clearly been sued in the wrong court.
We're glad that courts around the country are taking steps to help ensure that the litigation process is fair to both plaintiffs and defendants. We hope Judge Howell will do the same.
Tell your Congressperson to vote NO on the USA PATRIOT Act in tomorrow's vote! The PATRIOT reauthorization bill being fast-tracked to the House floor contains NO reforms to the law, and will be voted upon with NO debate and NO opportunity for amendments to add oversight and accountability. Help stop this sneak attack on your civil liberties: there are only hours left to visit our Action Center and tell your Representative to vote "NO" on H.R. 514, the PATRIOT extension bill.
In late 2009, when PATRIOT reauthorization was originally being considered by Congress, many important PATRIOT reform measures were proposed and debated, and a bill filled with powerful new checks and balances was reported favorably out of the House Judiciary Committee. But, as Congress ran up against the renewal deadline, it decided that there was not enough time to fully consider those reforms. So, in February 2010, Congress instead extended the "sunsetting" sections of the law until the end of this February, with a promise to fully consider the issues before the next deadline.
But Congress is breaking its promise to consider reforms to the PATRIOT Act. In a legislative sneak attack, the new Republican leadership in the House is trying push Representatives to rubber-stamp another PATRIOT renewal. The House leaders just announced on Friday that they’ll be "suspending the rules" so that a bill introduced by Rep. Sensenbrenner to extend the expiring PATRIOT provisions until December 8, 2011 will go to the House floor for a vote TOMORROW, without any debate and without any opportunity for anyone to offer amendments to improve the bill.
In particular, the bill would renew the following dangerously unchecked PATRIOT powers:
• The government’s power under PATRIOT Section 215 to obtain secret court orders for Internet, phone and business records of people who are not suspected of terrorism or spying;
• The government’s "lone wolf wiretapping" power, allowing it to get court orders authorizing secret foreign intelligence wiretaps against individuals who have no connection to any foreign power or terrorist group; and
• The government’s power to obtain blank-check "roving" wiretap orders that can be used to tap any phone number, email account or other communications facility that the government believes is being used by its target.
These provisions should not be renewed, and certainly not without any debate or any new checks and balances to prevent abuse and protect civil liberties. So please act now to tell your Representatives that they should vote NO to the PATRIOT Act in tomorrow's vote!
The FCC published its long-awaited final Report and Order on net neutrality at the end of December (more on that in part 2 of this post), but the debate is far from over. Republican members of Congress have loudly voiced their displeasure with the attempt to regulate internet activity; they’ve already filed a bill putting internet regulatory authority solely in the hands of Congress. Democratic members have filed their own bill establishing clear regulatory authority in the FCC, and they generally complain that the regulations don’t go far enough.
In addition, Verizon and MetroPCS recently challenged the FCC Order in the D.C. Circuit. Since the Order hasn’t yet been published in the Federal Register, we think they’ll have an uphill battle arguing that the issue is ripe for review. But it’s clear the companies are filing now for a reason: to try to ensure that the Order is reviewed by the same court that last year held the FCC had overstepped its authority in trying to regulate Comcast for its non-neutral practices regarding BitTorrent.
In that case, the Court rejected the FCC’s overbroad argument that it had “ancillary” jurisdiction to discipline Comcast based on its mandates under the Telecommunications Act. Surprisingly, the FCC hasn’t really changed its position. The Order focuses on Section 706 of the Telecommunications Act, along with a host of other provisions to again argueyesancillary jurisdiction to regulate the Internet, despite the D.C. Circuit’s earlier rejection of this very theory. It’s as if the FCC hopes that by throwing everything within reach at the problem, a court is bound to find at least one justification for the kind of broad regulatory authority over the Internet the Commission now seeks.
We’re wholly in favor of net neutrality in practice, but a finding of ancillary jurisdiction here would give the FCC pretty much boundless authority to regulate the Internet for whatever it sees fit. And that kind of unrestrained authority makes us nervous about follow-on initiatives like broadcast flags and indecency campaigns. In general, we think arguments that regulating the Internet is “ancillary” to some other regulatory authority that the FCC has been granted just don’t have sufficient limitations to stop bad FCC behavior in the future and create the “Trojan horse” risk we have long warned about.
For what it’s worth, Section 706 itself isn’t a great hook for FCC authority to regulate non-neutral behavior. 706 authorizes the FCC to take steps to stimulate build-out of telecommunications infrastructure, especially in order to increase the reach of telecom services to more Americans. (In the language of the statute, the FCC “shall encourage the deployment on a reasonable and timely basis of advanced communications capability.”) While promoting network openness may somehow result in the building of new infrastructurelaying more fiber, etc.the suggestion that regulating the Internet is “ancillary” to the effective performance of the FCC’s 706 responsibilities is a stretch and seems far beyond what Congress intended with this section. None of the other provisions cited in the Order are very promising either.
If the D.C. Circuit does hear the Verizon and MetroPCS cases, we think it’s very likely that they’ll again hold that the FCC’s latest argument for ancillary jurisdiction under 706 doesn’t give it a pass to regulate the Internet.
In the second part of this post, we’ll look at the main provisions of the final Report and Order and see how those compare with EFF’s comments on the FCC’s original Notice of Proposed Rulemaking.
Today EFF filed a reply brief in its FOIA lawsuit seeking records from the FBI, DOJ and DEA that would justify the Administration’s need to expand federal surveillance laws like the Communications Assistance to Law Enforcement Act (CALEA). The proposed expansion would require communications providers like Skype, Facebook, Blackberry and Twitter to build wiretapping capabilities right into their systems, and although we know Congress intends to turn to this issue early this year, FBI, DEA and DOJ have argued they can’t give us all the documents we asked for until the summer of 2012. To force the government to turn over documents on a timeline that would actually allow them to influence the debate, we filed a motion for partial summary judgment, asking the court to order the agencies to produce documents within 10 days.
This lawsuit is based on two separate but related FOIA requests, one of which has now been pending with the FBI for almost two years. The earlier request seeks documents on the FBI’s “Going Dark Program,” a program intended to bolster the Bureau’s electronic communications intercept capabilities that could be strengthened by new legislation. The second request, now pending for four months, seeks materials related to a legislative expansion to CALEA, including evidence of any limitations of current surveillance technologies and records of communications between DOJ agencies and technology companies, trade organizations and Congress about potential legislation.
Although it’s clear the agencies in this suit have been actively lobbying the Administration, Congress, and communications providers about expanding CALEA (see New York Times articles here, here, and here and FBI Director Robert Mueller’s statement here), and also clear that Congress intends to focus on this issue in 2011, the government told the court that, without actual legislation on the books, there can be no urgency to our FOIA request. Amazingly, the government also proposed a production schedule that would mean EFF would not receive the entire anticipated disclosure until August 1, 2012 — nearly two years after our second FOIA request. By that time, there’s no way the documents could have anything more than historical relevance, much less influence the debate on legislation.
As our FOIA requests made clear, the public needs to see these documents now. While CALEA currently requires phone, broadband and VOIP providers to build wiretapping capabilities into their systems, the law does not apply to other communications providers like Facebook, Google, Blackberry, Twitter and Skype. The expansions to CALEA the Administration is reportedly seeking would change that – and without any clear evidence that law enforcement agents need this to be able to do their jobs. As we tried to make clear when Congress last expanded CALEA in 2005, federal laws like the Wiretap Act currently allow law enforcement to conduct surveillance with the proper legal processes in place. But just because law enforcement has the legal ability to do this sometimes doesn’t mean agents should have the physical capabilities to do this all the time.
Lawmakers have so far rejected requiring back doors to electronic communications because they are ineffective, cause security vulnerabilities, and hurt American business -- on top of the damage they would do to Americans’ privacy and free speech rights (read more here). Any discussion about the need to mandate building surveillance capabilities directly into technologies must start with these critical records.
We’ll post again here when we either have a ruling from the court or receive documents from the government.
"Effective data protection is vital for our democracies and underpins other fundamental rights and freedoms." - Viviane Reding, Vice-President of the European Commission and Commissioner for Justice, Fundamental Rights and Citizenship.
Last Friday, privacy advocates and government officials in countries across the world celebrated the 5th annual International Privacy Day — even as individual privacy is threatened by surveillance proposals and security breaches worldwide. This day commemorates the first legally binding international agreement on data protection – the Council of Europe’s Convention 108- which was opened for signature on January 28th, 1981. Last week’s celebration marked the 30th anniversary of Convention 108, which has served as a foundation for many countries’ national data protection laws. It is an opportunity to raise public awareness about privacy threats and to urge governments to protect citizen's privacy rights.
In Europe, the celebration highlighted citizens' rights with respect to collection and processing of their personal data. Several events organized by governmental and privacy advocates drew attention to the value of privacy in our societies. The European Court of Human Rights joined the celebration by compiling some of its key judgments protecting citizens’ privacy rights. The European Data Protection Supervisor, an independent authority tasked with ensuring that EU authorities and bodies comply with EU rules on data protection and privacy, celebrated the occasion by calling attention to the need for governments to set the right balance between security and the protection of fundamental rights. It emphasized that “authorities should only collect information for specific purposes," and criticized attempts to create enormous databases of personal information "just in case" of a crime, promoting instead the concept of targeted data collection. This comes even as the European Commission is revising their Mandatory Data Retention Directive, a framework that allows blanket surveillance of traffic data on private citizens’ online activities.
In the U.S., the Senate expressed support for the designation of January 28, 2011 as U.S. National Data Privacy Day for the third year in a row. It is a welcome gesture, if no somewhat ironic, given that the U.S. Congress is discussing legislation that undercuts the fundamental principles of individual privacy they purport to celebrate. (If you need a refresher, see CALEA II, USA PATRIOT Act renewal, data retention mandates and the much-discussed cybersecurity bill).
Celebrations were also held in Canada,Mexico, UK, Nepal, among others. In Nepal, Privacy Nepal urged the Nepalese government to pass the Data Protection Act to safeguard the privacy of Nepalese citizens. They further raised their concerns about the national ID card, and the dangers posed to citizens’ privacy rights.
Much of International Privacy Day rightly focuses on the advances established by critical moments in history, but it is clear that all governments around the world must move quickly and more aggressively to truly improve privacy as we move into the future. Despite the high degree of theoretical protection for privacy and private communications in international law and national Constitutions, in recent times we have seen an increase of legal exceptions, lack of enforcement of privacy laws while the threats to citizens’ privacy multiply.
For example, increasingly ubiquitous online surveillance technologies undermine the legal protections for privacy. While there has been a significant expansion in the volume of personal data that is being collected and stored by third party providers, mechanisms to ensure that law enforcement agencies are only granted access to that data in appropriate circumstances have not kept pace. Mandatory data retention regimes to force ISPs and telecom providers to log information about users’ online activities and communications are an overwhelmingly invasive and costly mandate with serious privacy and free expression implications. And hard lessons about the cost of the failure to protect privacy are already being learned, as we've seen in Iran and Tunisia. Political activists in authoritarian regimes have used social networking tools to rejuvenate and empower democratic participation, collaboration, and freedom of expression, but those same tools also give authoritarian governments new ways to identify and track political activists that they wish to silence.
For these reasons, we believe that governments around the world need to take urgent action to give real meaning to the right to privacy and to protect citizens’ personal data from these new threats.
EFF calls upon governments worldwide to:
Repeal the EU Data Retention Directive, and any mandatory data retention regime that requires ISP to preemptively record traffic data about the online activities of millions of citizens who haven't committed any crime.
Provide strong safeguards against government intrusion of individuals' information stored in third party providers, especially cloud service providers.
Provide strong safeguards against government intrusion of individuals' transactional data such as the location of your cell phone, click stream data revealing the web sites you visit, and search logs indicating what you searched when using search engines. Monitoring of this information is just as invasive as reading your email or listening to your phone calls.
These long-overdue reforms would be a first attempt to bring privacy protection back in line with the strong policies and traditions first established by International Human Rights Law. We look forward to continuing our work with privacy advocates on these issues, and hope to see governments and industries live up to the promise of better privacy and greater freedom.
EFF yesterday filed comments in response to the Copyright Office’s recent Notice of Inquiry regarding the “desirability and means of bringing sound recordings fixed before February 15, 1972, under Federal jurisdiction.”
Pre-1972 sound recordings are the vestigial tail of copyright law, a subset of works that are carved out of the federal Copyright Act and still receive protection under state law. The environment of uncertainty created by this carve-out has undermined the basic goals of copyright: to encourage the growth of a vibrant cultural commons. The tangle of fifty potentially inconsistent protection schemes is virtually impossible to reconcile; also, state copyright laws are largely undeveloped when it comes to exceptions and limitations such as fair use and the DMCA safe harbors that we count on under federal law. Even though these principles might prevail in state courts, the unpredictability is enough to chill preservation, distribution and creative re-use of these sound recordings. For example, libraries, archives, educational institutions and others have been discouraged from preserving and providing digital access to this group of works.
EFF has recommended that pre-1972 sound recordings be brought under federal jurisdiction, with several important caveats:
(1) Under federal jurisdiction, an infringing use of a pre-1972 sound recording would be subject to statutory damages. As we’ve frequently stated, statutory damages themselves have a dangerous chilling effect on expression. Therefore, we would eliminate or at least reduce the availability of statutory damages for pre-1972 sound recordings.
(2) People and institutions that use pre-1972 sound recordings in reliance on an aspect of state copyright protection that isn’t available under federal law should be given notice and opportunity to protect themselves. And, under certain circumstances, they should also be accorded special dispensations for continued use.
(3) In order to augment First Amendment interests and incentives for preservation of pre-1972 sound recordings, this corpus of works should have a shortened term of protection.