In an era where political and corporate leaders are attacking the free press as “the enemy of the people,” it’s crucial that we recognize the truth: journalists every day are uncovering stories that protect our rights and hold those in power accountable. Meanwhile, as the media landscape shrinks, non-profits are also stepping in to carry the load. Here are some of the investigative bombshells that we read, re-read, and shared this year. (And a big thank you to our friends and supporters on Twitter who helped us remember all the great scoops from 2018.)
Give Me My Data
Engadget reporters undertook a massive task to find out who controls your online data:
A team of nine Engadget reporters in London, Paris, New York and San Francisco filed more than 150 subject access requests—in other words, requests for personal data—to more than 30 popular tech companies, ranging from social networks to dating apps to streaming services. We reached out before May 25th—when previous laws for data access existed in the EU—as well as after, to see how procedures might have changed.
The result was one of the most comprehensive examinations of the state of play of consumer privacy across the major platforms.
- Who Controls Your Data? - Engadget
Georgia On My Fender
One of the nation's most ubiquitous surveillance technologies—automated license plate readers (ALPR)—proliferate in the Peach State. Following in the footsteps of EFF’s research in California, reporters from different Atlanta media outlets teamed up to generate the first comprehensive portrait of ALPR data collection across the state. They filed numerous public records requests with jurisdictions deploying the technology, including obtaining two days worth of data from the Georgia Department of Public Safety. They created maps of how and where this data was collected and generated a visualization showing how one car can be tracked in near real-time over the course of a single data.
Fake Friends on Facebook
EFF has long raised concerns with the practice of law enforcement officials creating fake profiles to infiltrate private groups on social media sites such as Facebook. This year saw incredible reporting on this epidemic, most notable from The Appeal, which revealed how Memphis Police Department created a “Bob Smith” profile to spy on Black Lives Matter activists. This lead EFF to successfully pressure Facebook to send MPD a cease and desist letter and update its online guidelines for law enforcement. Meanwhile, NBC News also probed the issue nationwide, while Gizmodo filed public records requests around the country to gauge how departments are writing policies for these types of covert investigations.
- Meet ‘Bob Smith,’ The Fake Facebook Profile Memphis Police Allegedly Used To Spy On Black Activists - The Appeal
- Very Few Police Departments Have Rules for Undercover Cops on Facebook, The Wildly Unregulated Practice of Undercover Cops Friending People on Facebook - The Root
Visit EFF’s offices and you’ll be amused to find printouts of vintage National Security Agency posters taped to the walls (particularly in the restroom). These propaganda artifacts were obtained and released by GovernmentAttic.org, a transparency organization that does incredible work.
- The NSA Just Released 136 Historical Propaganda Posters - Motherboard
Facing Down Amazon
The American Civil Liberties Union kicked off multiple national and local news cycles—and energized an internal worker resistance—when it revealed through public records that Amazon was providing real-time face recognition (“Rekognition”) technology to local police departments. Documents obtained by the ACLU detailed how the program "can identify, track, and analyze people in real time and recognize up to 100 people in a single image" and "quickly scan information it collects against databases featuring tens of millions of faces."
EFF called for Amazon to stop providing its technology to law enforcement to power surveillance. We also called on technology companies to adopt a "Know Your Customer" program and for employees as those companies to advocate for implementing these programs to protect against future corporate involvement in these sorts of government efforts.
- Amazon Teams Up With Law Enforcement to Deploy Dangerous New Face Recognition Technology - ACLU of Northern California
- I’m an Amazon Employee. My Company Shouldn’t Sell Facial Recognition Tech to Police. - Medium Power Trip
Scooping the Messenger
In August, Reuters published a bombshell in the battle over encryption: the U.S. Department of Justice was trying to force Facebook to break its Messenger encryption in a sealed court case. As Dan Levine and Joseph Menn reported:
The potential impact of the judge’s coming ruling is unclear. If the government prevails in the Facebook Messenger case, it could make similar arguments to force companies to rewrite other popular encrypted services such as Signal and Facebook’s billion-user WhatsApp, which include both voice and text functions, some legal experts said.
In November, EFF, the ACLU, and Riana Pfefferkorn of Stanford Law School’s Center for Internet and Society teamed up to file a petition asking the court to release all court orders and related materials in the case.
Speaking of encryption: for years, FBI and Justice Department officials have pursued backdoors into the crucial technology that keeps our communications safe. They complain about the problem of “Going Dark,” the idea that encryption prevents them from investigating communications and devices. But it turns out that the FBI egregiously exaggerated in Congressional testimony. As The Washington Post’s Devlin Barrett reported:
The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000, The Washington Post has learned…
The FBI first became aware of the miscount about a month ago and still does not have an accurate count of how many encrypted phones they received as part of criminal investigations last year, officials said. Last week, one internal estimate put the correct number of locked phones at 1,200, though officials expect that number to change as they launch a new audit, which could take weeks to complete, according to people familiar with the work.
In May, EFF filed a Freedom of Information Act request with the FBI to get to the bottom of this misinformation, and we currently working our way through the tedious FOIA process.
- FBI Repeatedly Overstated Encryption Threat Figures to Congress, Public - The Washington Post
Silicon Valley Scandals
It’s been a year of huge scoops revealing how Facebook, Google, and other Silicon Valley companies have routinely failed to protect the privacy of their users (or actively violated it). In fact, we’ve had so many tabs open that we can’t adequately capture them all. However, here are a few that really stuck out:
- Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis - New York Times
- Facebook Is Giving Advertisers Access to Your Shadow Contact Information - Gizmodo (and just about everything else from Kashmir Hill this year)
- As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants- New York Times
- Google Tracks Your Movements, Like it or Not - Associated Press
- Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret - New York Times
Other Excellent Pieces from 2018
Still looking for more to read? Here are a few more pieces that we highly recommend:
- Service Meant to Monitor Inmates’ Calls Could Track You, Too - New York Times
- Cops Around the Country Can Now Unlock iPhones, Records Show - Motherboard
- ICE is about to start tracking license plates across the US - The Verge
- The Cambridge Analytica Files - The Guardian
This article is part of our Year in Review series. Read other articles about the fight for digital rights in 2018.
Like what you're reading? Support digital freedom defense today!