The results show that the overwhelming majority of Internet users could be uniquely fingerprinted and tracked using only the configuration and version information that their browsers make available to websites. These types of system information should be regarded as identifying, in much the same way that cookies, IP addresses, and supercookies are.
In our analysis of anonymized data from around half a million distinct browsers, 84% had unique configurations. Among browsers that had Flash or Java installed, 94% were unique, and only 1% had fingerprints that were seen more than twice. However, our experiment only studied a limited number of variables, and the companies that offer specialized fingerprinting services are likely to use a wider and therefore more powerful range of measurements.
While almost all browsers are uniquely fingerprintable, there were four special categories that were comparatively resistant to fingerprinting:
Those that use TorButton, which successfully anticipated and defended against many fingerprinting measurements.
Mobile devices like Androids and iPhones (unfortunately, these devices tend not to have good interfaces for controlling cookies, and so may be trackable by that method).
Corporate desktop machines that are precise clones of one another (such systems appeared to constitute around 3-4% of the visitors to Panopticlick; unfortunately, there are some fingerprinting techniques like CPU clock skew measurement which would work against these systems. Commercial fingerprinting services employ those techniques).
Ultimately, browser developers will need to take the lead in defending their users against this particularly troublesome form of tracking. That won't be easy, but our article includes a number of recommendations about how to start.
Today, San Mateo County Superior Court Judge Clifford Cretan ordered the release of the previously-sealed warrant affidavit that led to the search of Gizmodo editor Jason Chen’s house. As expected, the affidavit confirmed that there was no legal basis for the search.
The search warrant affidavit does indeed allege that Jason Chen committed three crimes: receipt of stolen property (California Penal Code section 496(a)), theft (California Penal Code section 499c(b)(3)), and “maliciously damaging the property of another” (California Penal Code section 594(b)(1)). Whether Chen will even be charged with such crimes, let alone convicted, remains to be seen. But as we have repeatedly pointed out, the warranted search and seizure of Chen’s property was still illegal.
In his recent article titled "iPhone, Gizmodo, and Moral Clarity About Crime," Rutgers law professor Stuart Green argued that the decision to seek a warrant was justified and that critics who question this decision must be confused, misguided, or "legally mistaken." Professor Green flatly misstated the law. Contrary to his assertion, there is no “specific exemption” to what Green refers to as the California reporter’s shield law “when the police are looking for evidence that the journalists … themselves committed crimes.” Moreover, the shield law itself, which is a testimonial privilege that protects journalists who refuse to testify about sources and unpublished information, is not directly relevant to the Chen raid at all.
Instead, the applicable statute is California Penal Code section 1524(g), which categorically prohibits the issuance of warrants for “unpublished information obtained or prepared in gathering, receiving or processing of information for communication to the public.” This is a limitation on the warrant process itself and does not affect the potential legal liability of a journalist-suspect. Contrary to the assertions of Professor Green, George Washington University Law School Professor Jonathan Turley, and others, it contains no exemption, specific or otherwise, that limits its reach.
The California Supreme Court has said that the reporter’s testimonial privilege might give way in very limited circumstances, such as when another constitutional right (like a defendant’s right to a fair trial) comes into play. No such right is implicated here. And in any event, the California Supreme Court has never second-guessed the California legislature’s judgment in passing the Penal Code section at issue here. Nor is it likely to, since the protection provided by 1524(g) was specifically enacted to limit the ability of law enforcement to search journalists pursuant to a search warrant, a protection that the U.S. Supreme Court held was not found in the U.S. Constitution.
The protections afforded to Chen by the California Penal Code will likely not affect the potential prosecution of any crime here. The police already know the identity of the person who purportedly found the phone and passed it on to Gizmodo. The allegedly stolen phone was returned to Apple before the raid. Moreover, the police also have Gizmodo’s detailed video analysis of the iPhone prototype, which would likely come in handy as evidence at any eventual trial. What the police will lose, if Chen’s attorneys choose to press the issue, is the information that they illegally seized. The police could then try to subpoena a small subset of this information from Chen directly. (Recall that all of Chen's computers and all of the data on them were seized in the raid.) The issuance of a subpoena would allow Chen and Gizmodo to challenge the validity of the district attorney’s legal position, a far different posture than the one Chen found himself in after armed police officers bashed in his door.
San Mateo prosecutors are predictably circling the wagons to defend the raid. The D.A. agreed to halt any search of Chen’s computers while he evaluates the implication of California legal protections for journalists, conceding that such a post-raid analysis is “unusual.” This concession speaks volumes about how much thought went into this raid before it took place. It should also give pause to commentators who have ignored the extent of the legal ramifications triggered by the search and instead rushed to the defense of the police, confusing a desire to force the police to comply with the law with an attack on the enforceability of trade secret or copyright law.
Opposition to the police raid of Jason Chen’s home has nothing to do with misplaced support for a scrappy underdog or an affinity for schoolyard conceptions of right and wrong. Objections to overreaching police power are rooted in both a dedication to free speech and freedom of the press and in a fealty to the rule of law. The relevant legal question in the Chen matter is whether the police obtained a warrant for “unpublished information obtained or prepared in gathering, receiving or processing of information for communication to the public.” Obviously, they did. If critics believe that police should be able to execute warrants to seize unpublished notes and other data held by journalists – and I would urge them to think through the ramifications of such a decision – then the proper course is to lobby the legislature for such a change to the very clear statute that is now in place, not to pretend that the law already supports their position.
About a year ago, Facebook suffered a tremendous consumer backlash over its changes to the Terms of Service. To quell the uproar, Facebook introduced a set of Principles. Through a "Facebook site governance" vote, users voted on whether these Principles should serve as the foundation for governing the site. At the time, the company trumpeted the success of the vote, by which about 75% of voters selected the new Facebook Principles: "We strongly believe that our proposed documents satisfied the concerns raised in February." As Facebook explains, the Principles are "the foundation of the rights and responsibilities of those within the Facebook Service." A year later, the foundation is cracking.
Now Facebook flatly contradicts its own stated Principles. The contradictions are clearly shown in Facebook's widely panned response to New York Times readers' questions on the social network's brave new privacy practices. A reader asked Elliot Schrage, Facebook's vice president for public policy, the key question: "Why can’t I control my own information anymore?"
The answer should have been easy. Facebook's Principles declare:
People should have the freedom to decide with whom they will share their information, and to set privacy controls to protect those choices.
Instead of saying "Sorry, we'll fix it," Facebook's response was dismissive. The company said that "Joining Facebook is a conscious choice" and more bluntly, "If you’re not comfortable sharing, don’t." It's Facebook's way or the highway. Schrage lists the information that Facebook requires to be public information, focusing on how people choose to submit this information and make connections instead of Facebook's choice to remove privacy controls.
Another reader asked "Why not simply set everything up for opt-in rather than opt-out?" Facebook's answer was a strange exercise in Newspeak - "Everything is opt-in on Facebook. Participating in the service is a choice." In Facebook's view, simply by signing up for the Facebook service, one has opted in to whatever sharing it later desires — even if you are one of the over 300 million users who joined before the switch to "public information" without privacy controls. Facebook is going to share the information it deems public, and you're supposed to Like it.
This is not the freedom of choice that Facebook's previously vaunted Principles declare. The "foundation for governing" Facebook does not speak of control as the choice whether to share information, but with whom. Facebook's promises speak of protecting users with privacy controls, not withholding the information.
Facebook's Principles also declare that "Every Person should be able to use the Facebook Service regardless of his or her level of participation or contribution." Now Facebook suggests that the users who aren't willing to play ball must leave.
Of course, as Facebook explains in response to another question, if you decide to leave by deactivating your account, information is saved in case you decide to reactivate later. Even if you delete your Facebook account, you have to wait 14 days and even then Messages and Wall posts remain. The Facebook Principles are much clearer: Users have the right to "take [their data] with them anywhere they want, including removing it from the Facebook Service." Again Facebook is not living up to its promises.
These promises are important. These are the reassurances that helped people decide whether to trust Facebook with their information. They should not be discarded lightly, with glib quips like "Please don’t share if you’re not comfortable." If Facebook truly believes that its users "should have the freedom to share whatever information they want," it must enable that sharing by making people comfortable.
Facebook wrote these Principles and designed them to not only reassure its users, but to give itself wiggle room for the future. It is a carefully drafted document, and Facebook has no excuse not to live up to the minimum standards it set out for itself. If Facebook wants to regain the trust of its users, following its own principles would be a good place to start.
At any hour of the day or night, millions of people around the globe are engrossed in multiplayer online games, questing and battling to win virtual "gold," jewels, and precious artifacts. Meanwhile, others seek to exploit this vast shadow economy, running electronic sweatshops in the world's poorest countries, where countless "gold farmers," bound to their work by abusive contracts and physical threats, harvest virtual treasure for their employers to sell to First World gamers who are willing to spend real money to skip straight to higher-level gameplay.
Mala is a brilliant 15-year-old from rural India whose leadership skills in virtual combat have earned her the title of "General Robotwalla." In Shenzhen, heart of China's industrial boom, Matthew is defying his former bosses to build his own successful gold-farming team. Leonard, who calls himself Wei-Dong, lives in Southern California, but spends his nights fighting virtual battles alongside his buddies in Asia, a world away. All of these young people, and more, will become entangled with the mysterious young woman called Big Sister Nor, who will use her experience, her knowledge of history, and her connections with real-world organizers to build them into a movement that can challenge the status quo.
If you're in San Francisco, come support EFF and hear a great contemporary science fiction author read from his latest work!
Should US and European law enforcement agencies be given unrestricted access to commercial and travel transactions from individuals around the world without judicial oversight? That was the question on the table in a heated debate in the European Parliament this week.
In the early years of the so-called “War On Terror”, the US government created a number of secret programs that granted it and its agents sweeping new global surveillance powers. In particular, the US Treasury Department has sought and been given access to financial information held by the SWIFT network to find and track down individuals suspected of terrorism as part of its Terrorism Finance Tracking Program. Another agreement requires all airlines flying to the US to provide the Department of Homeland Security with full electronic access to detailed personal information on all passengers, in the form of Passenger Name Records (PNRs).
Europeans have long been arguing that handing over this information to US law enforcement agencies violates privacy rights protected by European legislation. But when the Lisbon Treaty and the European Charter of Fundamental Rights entered into force at the end of 2009, personal data protection was greatly strengthened in Europe. In addition, the European Parliament now has a crucial right to give or withhold consent to these international data-sharing agreements. This year, the European Parliament has used its new powers to demand that the European Commission and European Council address serious data protection, privacy and due process concerns.
Read on to hear more about the debate in European Parliament.
No Financial Data Sharing Agreement
On the financial data transfer agreements, yesterday the Parliament adopted a resolution stating that indiscriminate bulk data transfers bypass EU legislation. Members of Parliament also demanded that any possible future agreement guarantee European citizens the same rights as US citizens in the event of an abuse of the data; currently only US citizens and permanent residents can claim rights under the US Privacy Act - EU citizens have no redress. The Parliament has also demanded access to any documents that demonstrate the actual need for these agreements.
SWIFT is a banking network, headquartered in Brussels, that routes financial data between 8,300 financial institutions in over 208 countries. There have been several previous SWIFT interim agreements, all of which have ignored existing legal safeguards against government abuse of citizens' data. This was the primary reason why the European Parliament rejected the latest interim-agreement last February. These accords allow US law enforcement agencies to access citizens' financial data held by the SWIFT network with complete immunity, bypassing court-approved warrants or subpoenas required to examine specific transactions. As Dutch MEP Jeanine Hennis-Plasschaert said, "with the proposed [rejected] interim-agreement we, instead, rely on broad administrative subpoenas for millions of records of European citizens".
No Travelers' Passenger Records Agreement
On the Passenger Name Records (PNR) accord, the European Parliament yesterday decided to postpone its vote to approve or reject the agreement until a standard Passenger Name Record file model is devised that meets Parliament's demands regarding data protection. The Parliament Resolution calls for any future PNR agreement to be created as a binding international treaty. The Resolution further demanded appropriate mechanisms for independent review, judicial oversight and democratic control. The interim PNR agreement requires all airlines flying to the US to provide the Department of Homeland Security with full electronic access to detailed personal information on all passengers.
Between 2004 and 2007, three consecutive agreements between the US Department of Homeland Security and the Council of the European Union were negotiated, over the objections of the European Parliament. In 2004, the European Court of Justice annulled the 2004 agreement on the basis of a complaint made by the European Parliament. The 2007 PNR agreement required 19 categories of data to be collected, stored and disclosed to US law enforcement authorities. As European lawmakers said, "PNR data, which was originally collected for commercial purposes, is increasingly being used to combat crime."
While the European Parliament is now playing an important role in calling for information on the need for these agreements, and plans to scrutinize the agreements to see whether they’re limited to law enforcement purposes (and not for instance, for copyright enforcement), by comparison, the US Congress currently plays no role in oversight of their negotiation.
So where does all of this leave citizens who are concerned about this massive government effort to collect, use, and disclose their personal data, without judicial oversight? There is growing recognition that legally enforceable data protection standards and legal safeguards against intrusive warrantless electronic surveillance of private information are needed.
These privacy protection concepts are embodied in Article 17 of the International Covenant on Civil and Political Rights, the most important international treaty that protects the right to privacy. In analyzing Article 17, the UN Special Rapporteur has highlighted the erosion of the right to privacy in the fight against terrorism. In his 2009 annual report, he emphasized "the need for a comprehensive data protection and privacy law that creates limits on the use, storage, and disclosure of the information, and that they have a right to access and redress, regardless of nationality and jurisdiction."
In March, we wrote about Playstation 3 owners who were up in arms after Sony announced that a new firmware "upgrade" would actually disable a feature that enables users to run GNU/LINUX and other operating systems on their PS3 consoles. In response, a class action lawsuit has now been filed against Sony on behalf of PS3 owners who purchased their consoles after November 16, 2006 and before March 27. The complaint alleges breach of contract, breach of the covenant of good faith and fair dealing, and unfair and deceptive business practices.
Consumers should not have to sit idly by when the devices they have purchased are retroactively downgraded without their consent. We look forward to seeing how this lawsuit turns out.
Wolfire Games is running an innovative pay-what-you-want promotion for five great indie video games with some proceeds benefiting EFF! Normally the five games would be valued at $80, but from now until Tuesday, 5/11, you can pay what you want for the entire game bundle including:
World of Goo
The games are DRM-free and work with Mac, Windows, and Linux. The coolest part is that you can choose how to divvy up your payment between the game developers, Child's Play charity for kids, and the Electronic Frontier Foundation! Have fun, feel good, and don't forget to drop some change in the EFF bucket. But wait! There's more! EFF will offer a complimentary Pioneer Membership with our top-shelf swag to the first 30 people to donate $100 or more (divided in any manner you choose) for the bundle! Check out the Humble Indie Bundle site for all the details (in both print and convenient video rap form).
We at EFF would like to offer our heartfelt thanks to Wolfire for including us, and cheers to all of the developers for their generosity and creativity. Now go get your bundle!
"Connections." It's an innocent-sounding word. But it's at the heart of some of the worst of Facebook's recent changes.
Facebook first announced Connections a few weeks ago, and EFF quickly wrote at length about the problems they created. Basically, Facebook has transformed substantial personal information — including your hometown, education, work history, interests, and activities — into "Connections." This allows far more people than ever before to see this information, regardless of whether you want them to.
Since then, our email inbox has been flooded with confused questions and reports about these changes. We've learned lots more about everyone's concerns and experiences. Drawing from this, here are six things you need to know about Connections:
Facebook will not let you share any of this information without using Connections. You cannot opt-out of Connections. If you refuse to play ball, Facebook will remove all unlinked information from your profile.
Facebook will not respect your old privacy settings in this transition. For example, if you had previously sought to share your Interests with "Only Friends," Facebook will now ignore this and share your Connections with "Everyone."
Facebook has removed your ability to restrict its use of this information. The new privacy controls only affect your information's "Visibility," not whether it is "publicly available."
Explaining what "publicly available" means, Facebook writes:
"Such information may, for example, be accessed by everyone on the Internet (including people not logged into Facebook), be indexed by third party search engines, and be imported, exported, distributed, and redistributed by us and others without privacy limitations."
Facebook will continue to store and use your Connections even after you delete them. Just because you can't see them doesn't mean they're not there. Even after you "delete" profile information, Facebook will remember it. We've also received reports that Facebook continues to use deleted profile information to help people find you through Facebook's search engine.
Facebook sometimes creates a Connection when you "Like" something. That "Like" button you see all over Facebook, and now all over the web? It too can sometimes add a Connection to your profile, without you even knowing it.
Your posts may show up on a Connection page even if you do not opt in to the Connection. If you use the name of a Connection in a post on your wall, it may show up on the Connection page, without you even knowing it. (For example, if you use the word "FBI" in a post).
You can send Facebook your comments on the new Connections here.
Updated, May 5: We changed Item #6 to clarify how Facebook uses your post.