EFF in the News
"This is an improvement, but it doesn't do nearly enough," Jacob Hoffman-Andrews, a technologist for the Electronic Frontier Foundation, told the New York Times. "Verizon should discontinue its header injection program, or at a minimum make it opt-in."
“Today, it’s testing at the border, tomorrow it could be facial recognition deployed in public places,” worries Dave Maass, a researcher at the Electronic Frontier Foundation. “Today, the photos taken are being kept segregated from other departments and agencies, tomorrow they could be shared for a whole host of other purposes.”
What little we know about the FBI’s history with spyware raises questions. For instance, there was internal confusion about how to deploy spyware that suggests that the FBI hasn’t been sure how much it intruded on privacy. While the agency now requires a warrant and a Pen/Trap order to use CIPAV, documents obtained by the Electronic Frontier Foundation show several FBI agents discussed deploying the spyware without warrants before finally asking for clarification in 2007.
Beijing officials are widely thought to have orchestrated the massive digital assault against GitHub in an effort to suppress content content that is normally blocked in the country.
The Electronic Frontier Foundation (EFF) called the incident a "disquieting and unprecedented development in the history of state-orchestrated [cyber]attacks.”
Senior staff attorney Lee Tien with the Electronic Frontier Foundation heralded the report as flagging important issues about consumers' awareness and control over their own data. And he says the report sends an "important" signal that the FTC won't "buy the line" that broad data collection is inevitable or that existing privacy protections should be abandoned because the nature of privacy is changing.
The unique attack method used to disrupt the code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption, the Electronic Frontier Foundation (EFF) said Wednesday.
In this case, Reddit correctly recognized the request as not being legally binding, and alerted the users anyways—an unusual move for a company. “These informal requests don’t bind anyone to anything and so it takes a court order to silence a company,” said Hanni Fakhoury, a senior staff attorney at the Electronic Frontier Foundation.
“The idea that your Internet service provider is going to be spying on the contents of your traffic, even in an automated way, is very disconcerting,” said Jeremy Gillula, staff technologist with the San Francisco digital-rights organization Electronic Frontier Foundation.
“What if data about your browsing history gets out?” he said. “What if there’s a data breach?”
Around the same time the US and Israel were already developing and unleashing Stuxnet on computers in Iran, using five zero-day exploits to get the digital weapon onto machines there, the government realized it needed a policy for how it should handle zero-day vulnerabilities, according to a new document obtained by the Electronic Frontier Foundation.
When the Electronic Frontier Foundation (EFF) sued the National Security Agency (NSA) over records regarding the government's alleged prior knowledge of Heartbleed, the privacy group hoped to gain insight into the agency's zero-day exploitation policy.