Skip to main content

EFF Press Release Archives

Press Releases: January 2006

January 31, 2006

Telecom Collaborated with NSA to Spy on Customers

San Francisco - The Electronic Frontier Foundation (EFF) filed a class-action lawsuit against AT&ampT Tuesday, accusing the telecom giant of violating the law and the privacy of its customers by collaborating with the National Security Agency (NSA) in its massive and illegal program to wiretap and data-mine Americans' communications.

The NSA program came to light in December, when the New York Times reported that the president had authorized the agency to intercept telephone and Internet communications inside the United States without the authorization of any court. Over the ensuing weeks, it became clear that the NSA program has been intercepting and analyzing millions of Americans' communications, with the help of the country's largest phone and Internet companies.

Reporting has also indicated that those same companies—and AT&ampT specifically—have given the NSA direct access to their vast databases of communications records, including information about whom their customers have phoned or emailed with in the past. And yet little has been accomplished by this illegal spying: recent reports have shown that the data from this wholesale surveillance has done little more than waste FBI resources on dead leads.

"The NSA program is apparently the biggest fishing expedition ever devised, scanning millions of ordinary Americans' phone calls and emails for 'suspicious' patterns, and it's the collaboration of US telecom companies like AT&ampT that makes it possible," said EFF Staff Attorney Kevin Bankston. "When the government defends spying on Americans by saying, 'If you're talking to terrorists we want to know about it,' that's not even close to the whole story."

In the lawsuit, EFF alleges that AT&ampT, in addition to allowing the NSA direct access to the phone and Internet communications passing over its network, has given the government unfettered access to its over 300 terabyte "Daytona" database of caller information—one of the largest databases in the world.

"AT&ampT's customers reasonably expect that their communications are private and have long trusted AT&ampT to follow the law and protect that privacy. Unfortunately, AT&ampT has betrayed that trust," said EFF Senior Staff Attorney Lee Tien. "At the NSA's request, AT&ampT eviscerated the legal safeguards required by Congress and the courts with a keystroke."

By opening its network and databases to unrestricted spying by the government, EFF alleges that AT&ampT has violated the privacy of AT&ampT customers and the people they call and email, as well as broken longstanding communications privacy laws.

While other organizations are suing the government directly, EFF is seeking to protect Americans' privacy by stopping the collaboration of AT&ampT with the illegal NSA spying program and making it economically impossible for AT&ampT to continue to give its customers' information to the government.

"Congress has set up strong laws protecting the privacy of your communications, strictly limiting when telephone and Internet companies can subject your phone calls to government scrutiny," said EFF Staff Attorney Kurt Opsahl. "The companies that have betrayed their customers' trust by illegally handing the NSA direct access to their networks and databases must be brought to account. AT&ampT needs to put a sign on its door that reads, 'Come Back With a Warrant.'"

In the suit filed Tuesday, EFF is representing the class of all AT&ampT customers nationwide. EFF is seeking an injunction to stop AT&ampT participation in the illegal NSA program, as well as billions of dollars in damages for violation of federal privacy laws. Working with EFF in the lawsuit are the law firms Traber &amp Voorhees, and Lerach Coughlin Stoia Geller Rudman &amp Robbins LLP.

For the full complaint:
http://www.eff.org/legal/cases/att/att-complaint.pdf

For more on EFF's suit:
http://www.eff.org/legal/cases/att/

Contact:

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
rebecca@eff.org

Related Issues:
January 27, 2006

EFF Asks Justices to Consider Critical Free-Speech Implications

San Francisco - The Electronic Frontier Foundation (EFF) filed a friend-of-the-court brief with the United States Supreme Court Thursday, asking justices to overturn a court ruling in a patent case with dangerous implications for free speech and consumers' rights. The Public Patent Foundation, the American Library Association, the American Association of Law Libraries, and the Special Library Association joined EFF on the brief.

At issue is a case involving online auctioneer eBay and a company called MercExchange. Last year, the Federal Circuit Court of Appeals ruled that eBay violated MercExchange's online auction patents and that eBay could be permanently enjoined, or prohibited, from using the patented technology. But as part of the ruling, the court came to a perilous conclusion, holding that patentees who prove their case have a right to permanent injunctions under all but "exceptional circumstances," like a major public health crisis. This radical rule created an "automatic injunction" standard that ignored the traditional balancing and discretion used by judges to consider how such a decision might affect other public interests--including free speech online.

"As more and more people use software and Internet technology to express themselves online, the battle over software patents has grave implications for online speech," said EFF Staff Attorney Corynne McSherry. "Courts must work harder than ever to ensure that technologies like blogs, email, online video, and instant messaging remain free and available to the public."

The lower court's ruling stems in part from a misperception that patents are just like other forms of property, with the same rights and remedies. However, Supreme Court rulings have repeatedly emphasized that patents are a unique form of property, designed to achieve a specific public purpose: the promotion of scientific and industrial progress.

"Part of the court's duty in patent cases is to make sure that the system helps the public's right to free speech instead of hurting it," said EFF Staff Attorney Jason Schultz. "If this ruling is allowed to stand, courts won't be able to do what's right."

For the full brief:
http://www.eff.org/legal/cases/ebay_v_mercexchange/eff_amicus_brief.pdf

For more on patents and how bad law can hurt the public:
http://www.eff.org/patent

Contacts:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

Jason Schultz
Staff Attorney
Electronic Frontier Foundation
jason@eff.org

Related Issues:
January 25, 2006

Important Milestone for Digital Copyright Law

San Francisco - A federal district court in Nevada has ruled that Google does not violate copyright law when it copies websites, stores the copies, and transmits them to Internet users as part of its Google Cache feature. The ruling clarifies the legal status of several common search engine practices and could influence future court cases, including the lawsuits brought by book publishers against the Google Library Project. The Electronic Frontier Foundation (EFF) was not involved in the case but applauds last week's ruling for clarifying that fair use covers new digital uses of copyrighted materials.

Blake Field, an author and attorney, brought the copyright infringement lawsuit against Google after the search engine automatically copied and cached a story he posted on his website. Google responded that its Google Cache feature, which allows Google users to link to an archival copy of websites indexed by Google, does not violate copyright law. The court agreed, holding that the Cache qualifies as a fair use of copyrighted material.

"This ruling makes it clear that the Google Cache is legal and clears away copyright questions that have troubled the entire search engine industry," said Fred von Lohmann, EFF senior staff attorney. "The ruling should also help Google in defending against the lawsuit brought by book publishers over its Google Library Project, as well as assisting organizations like the Internet Archive that rely on caching."

Field v. Google ruling:
http://www.eff.org/IP/blake_v_google/google_nevada_order.pdf

Contact:

Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation
fred@eff.org

Related Issues:
January 19, 2006

But Broader Privacy Concerns Remain

But Broader Privacy Concerns Remain

San Francisco - Yesterday, the Justice Department asked a federal court in San Jose, California to force Google to turn over search records for use as evidence in a case where the government is defending the constitutionality of the Child Online Protection Act (COPA). Google has refused to comply with a subpoena for those records, based in part on its concern for its users' privacy.

COPA is a federal law that requires those who publish non-obscene, constitutionally protected sexual material online to take difficult and expensive steps to prevent access by minors, steps that would chill publishers of sexual material as well as the adults who want to access such material anonymously. EFF is one of the plaintiffs in the First Amendment challenge to COPA.

The subpoena to Google currently asks for a random sampling of one million URLs from Google's database of web sites on the Internet. More importantly, the DOJ is also subpoenaing the text of each search string entered into Google's search engine over a one-week period, absent any information identifying the people who entered the search terms.

"The government is overreaching here, asking Google to do its dirty work and collect information about the Internet speech activities of Google users," said EFF Staff Attorney Kurt Opsahl. "Last month, the federal court rejected many of the government's over broad discovery requests to its opposing parties. Rather than learn its lesson, the DOJ continues to push for overreaching discovery, this time from a company that isn't even a party to the case."

Google has cited its concern for user privacy as a reason for not complying with the subpoena, in addition to the unreasonable burden that compliance would place on Google and the proprietary nature of its query database. In particular, Google is rightly concerned that many of the randomly selected search queries would contain personal information about Google users.

While EFF applauds Google for defending its users' privacy in this case, the current controversy only highlights the broader privacy problem: Google logs all of the searches you make, and most if not all of those queries are personally identifiable via cookies, IP addresses, and Google account information.

"The only way Google can reasonably protect the privacy of its users from such legal demands now and in the future is to stop collecting so much information about its users, delete information that it does collect as soon as possible, and take real steps to minimize how much of the information it collects is traceable back to individual Google users," said EFF Staff Attorney Kevin Bankston. "If Google continues to gather and keep so much information about its users, government and private attorneys will continue to try and get it."

Importantly, users can also take steps to protect their privacy from Google, the government, and others, by using anonymizing technologies such as Tor when surfing the web. Tor helps hide your IP address from Google so that even if the lawyers come knocking, Google cannot identify you by your searches.

More about Tor:
http://tor.eff.org/

Contacts:

Kevin Bankston
Staff Attorney
Electronic Frontier Foundation
bankston@eff.org

Kurt Opsahl
Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation
tien@eff.org

Related Issues:
January 6, 2006

Customers to Get Clean CDs and Extra Downloads Because of Flawed Copy-Protection

New York - A US District Court judge in New York gave preliminary approval Friday to a settlement for music fans who purchased Sony BMG music CDs containing flawed copy protection programs.

Under the proposed settlement, Sony BMG will stop manufacturing CDs with both First4Internet XCP and SunnComm MediaMax software. People who have already purchased the flawed CDs will be offered the same music without digital rights management (DRM), and some will also receive downloads of other Sony BMG music from several different services, including iTunes. The settlement would also waive several restrictive end user license agreement (EULA) terms and commit Sony BMG to a detailed security review process prior to including any DRM on future CDs, as well as providing for adequate pre-sale notice to consumers in the future.

Consumers can exchange CDs with XCP software for clean CDs now, but the rest of the settlement benefits will not be available until an official notice to the class has been issued. The court ordered that the notice--via newspaper ads, Google ads, email and other means--must occur by February 15. Once that notice goes out, consumers can begin submitting claims for settlement benefits and should get those benefits within 6-8 weeks of submitting the proof of claim form.

To help consumers figure out what the settlement means to them, EFF has posted a list of frequently asked questions (FAQ) on its website. The FAQ tells music fans how to return their flawed CDs, how to get their clean CDs and downloads in exchange, and how to opt-out of this settlement. The deadline to opt-out of the settlement is May 1, 2006.

"The settlement helps consumers finally get music that will play on their computers without invading their privacy or eroding their security," said EFF Staff Attorney Corynne McSherry. "Now that the court has given preliminary approval, the next step is to make sure that the millions of music fans who bought these XCP and MediaMax CDs understand what is available and how to get it."

The problems with the Sony BMG CDs surfaced when security researchers discovered that XCP and MediaMax installed undisclosed--and in some cases, hidden--files on users' Windows computers, potentially exposing music fans to malicious attacks by third parties. The infected CDs also communicated back to Sony BMG about customers' computer use without proper notification.

EFF and its co-counsel--Green and Welling, Lerach, Coughlin, Stoia, Geller, Ruchman and Robbins, and the Law Offices of Lawrence E. Feldman and Associates--along with a coalition of other plaintiffs' class action counsel, reached the settlement after negotiations with Sony BMG over the last month.

You can stay updated on the progress of the settlement agreement by visiting the FAQ page.

FAQ on Sony BMG settlement proposal:
http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq.php

Contacts:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

Kurt Opsahl
Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Cindy Cohn
Legal Director
Electronic Frontier Foundation
cindy@eff.org

Related Issues:
January 4, 2006

Fear of Legal Action Chills Computer Security Researchers

San Francisco - The Electronic Frontier Foundation (EFF) today sent an open letter to EMI Music -- the record label representing artists including Paul McCartney and Coldplay -- calling on it to agree not to pursue any legal action against computer security researchers who examine the copy-protection technologies used on some EMI CDs.

In late 2005, independent researchers uncovered security problems with Sony-BMG copy-protected CDs, forcing the label to issue patches and uninstallers to those customers who had played the CDs on Windows computers. Several record labels owned by EMI, including Virgin Records, Capitol Records, and Liberty Records, use similar copy-protection technologies supplied by Macrovision. On those CDs, an end user license agreement (EULA) forbids reverse engineering for any reason, including security testing. In addition, the Digital Millennium Copyright Act (DMCA) has chilled the efforts of computer security researchers interested in examining copy-protected CDs.

In the open letter published Wednesday, EFF urges EMI Music to publicly declare that it will not take legal action against computer security researchers who study copy-protected CDs released by record labels owned by EMI.

"Music fans deserve to know whether EMI's copy-protected CDs are exposing their computers to security risks," said Fred von Lohmann, senior staff attorney with EFF. "When it comes to computer security, it pays to have as many independent experts kick the tires as possible, and that can only happen if EMI assures those experts that they won't be sued for their trouble."

Full text of the open letter to EMI Music:
http://eff.org/IP/DRM/emi.pdf

Contact:

Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation
fred@eff.org

Related Issues:
JavaScript license information