EFF in the News
One of the most vocal critics of Bill C-51 is the Electronic Frontier Foundation, a nonprofit group that describes itself as defending civil liberties, particularly online, as technology grows.
In a post to the organization's website Friday, the foundation encouraged Canadians to march against the bill that proposes changes to how the Canadian government would handle national security and anti-terrorism efforts, changes the group characterized as "dangerous" and a threat to Canadians' rights to privacy and freedom of expression.
Much has been made of the “Internet versus telecom” divide on this issue. But John Perry Barlow, founder of the Electronic Frontier Foundation, believes Silicon Valley’s support for Title II has been overstated. Despite a desire to court FCC regulators and general support for a level playing field, he said that “almost everybody I know who is a major technologist” has “limited willingness to believe that Title II is the best answer.” And no wonder. Silicon Valley after all is where minimally viable, smart and simple product design reigns supreme. In contrast, Title II, by far one of the most cumbersome, complicated and clumsy of all regulatory frameworks ever conceived by our government is the antithesis of these values. With Facebook extending an olive branch and Netflix playing both sides on Title II, will there be mounting pressure to achieve a more rational middle ground, perhaps via Congressional action?
Even the San Francisco-based Electronic Frontier Foundation, which pushed and eventually celebrated the FCC’s intervention in the Internet marketplace, labeled this section of the net neutrality regulation as the “worrisome bit.”
“Does the FCC intend to suggest that throttling unlawful content is OK? How are ISPs to determine what is and is not lawful without snooping on their users?” asked Corynne McSherry, EFF’s intellectual property director in an article last month.
Mark Jaycox, a legislative analyst for the EFF, said that the proposal from the Obama administration may be overreaching.
"The blog post posits that IP/trade secret concerns are reasons that are not already covered to take down botnets. That's a civil/private context and we've seen private companies use the Lanham Act to handle that angle. Seems like the DOJ is pushing for a more expansive law. As of now, we've seen DOJ been able to handle takedowns with the resources and laws that are already provided to them," Jaycox said.
"We'd like to see a particular use case where they couldn't use their already aggressive interpretation of the current law to take down botnets. If anything, we should be narrowing the current anti-hacking statute and computer laws because of their excessive breadth."
Despite the critique, it’s far from clear that Tucows and other registrars are doing anything wrong. In fact, the Electronic Frontier Foundation notes that there is no law requiring registrars to disconnect pirate sites.
“Domain registrars do not have an obligation to respond to a random third party’s complaints about the behavior of a domain name user. Unless ordered by a court, registrars cannot be compelled to take down a website,” notes Jeremy Malcolm, EFF’s Senior Global Policy Analyst.
Jeremy Gillula, a staff technologist with the privacy watchdog group the Electronic Frontier Foundation, said he had no problem trusting the U.S. government to create privacy solutions, “as long as the research is published and the information is shared with the greater privacy-technology community.” He characterized the challenge that DARPA was undertaking in with Brandeis project as an ambitious one.
“The research community has made some significant progress (differential privacy, secure multiparty computation, etc.), but all of these methods have some sort of weakness,” Gillula said. “With that said, focusing on ways to scale these methods would certainly be a step in the right direction. It certainly wouldn’t solve the whole privacy problem, but at the same time solving the whole privacy problem would be way too big to tackle in a single project.”
Biometric systems suffer from the same vulnerabilities that afflict repositories of credit card numbers and other personal data. While images of fingerprints and other identifiers are usually stored on users’ devices, some retailers and banks may begin warehousing the information. Jennifer Lynch, senior staff attorney at the Electronic Frontier Foundation, a consumer advocacy group, points out that people affected by the Target breach at least had the option of canceling their credit cards. If the hackers had also made off with their prints, what then? Says Lynch: “There’s a real problem, and we haven’t dealt with it as a society yet.”
However, civil liberties organizations are concerned that the program constitutes a violation of privacy, and at least one, the Electronic Frontier Foundation, has filed a lawsuit requesting more information about the program and its origins.
Andrew Crocker, an attorney with the Electronic Frontier Foundation who was involved in the California case, said the judge's ruling was a "head-scratcher" and that the group is exploring its options.
"We think that our description of how Upstream works is substantially accurate," he said. "We have our doubts as to how they would be contradicting our picture of things."
While HTTPS is more secure than its unencrypted cousin, Andrew Crocker, an attorney with privacy group the Electronic Frontier Foundation, told The Baltimore Sun on Tuesday that without knowing the full extent of the NSA's powers there is no guarantee that a tool will protect users against unwanted eavesdropping.