Al-Jazeera Follows EFF's Whistleblower Recommendations
On August 8, AJTU published its revised TOU, attempting to address our concerns. We've looked through the new terms and we're happy to report some good changes.
It's Easier to Find
The most obvious change is that the Transparency Unit's terms are now easier to find. Previously, the TOU was a PDF file buried in the Transparency Unit's submission page. Assuming a user could even find the TOU, its placement assured it might not be read until after submission. The terms are now presented as a web page that is linked from the Transparency Unit's front page. This should hopefully ensure that more people actually have an opportunity to read the terms before submitting sensitive documents.
Al-Jazeera Still Reserves the Right to Sell You Out, But At Least It Has Your Back
Before the revisions, the Transparency Unit noted it could "share personally identifiable information in response to a law enforcement agency's request, or where we believe it is necessary." The terms provided no explanation about how Al-Jazeera determined when to disclose information or who made that decision. The TOU now explains Al-Jazeera "may disclose personally identifiable information about you to third parties in limited circumstance[s], including: (1) with your consent; or (2) when we have a good faith belief it is required by law, such as pursuant to a subpoena or other judicial or administrative order."
We’re also glad to see Al-Jazeera making an effort to be transparent about when users’ data is sought by the government and promising to fight for users' rights in court. AJTU promises that if "required by law to disclose the information that you have submitted, we will attempt to provide you with notice (unless we are prohibited) that a request for your information has been made in order to give you an opportunity to object to the disclosure." And AJTU claims it "will independently object to requests for access to information about users of our site that we believe to be improper."
As we've noted in our recent Who Has Your Back campaign, we want companies to stand with their users and be transparent in their practices. We're pleased Al-Jazeera is making an effort to do this.
But we're still worried that the TOU suggests there may be other circumstances in which Al-Jazeera may disclose information outside the law enforcement context. Thankfully, its disclosure policy doesn't seem as broad as Safehouse's, which provides that the Wall Street Journal can disclose information to "protect the property or rights of Dow Jones or any affiliated companies" or to "safeguard the interests of others." We’d still like to see Al-Jazeera promise explicit protection against third party requests for disclosure of information that are not from law enforcement or judicial process.
You Still Have to Make Promises No Whistleblower Can Keep
The old TOU required uploaders to promise they "have the full legal right, power and authority" to give Al-Jazeera ownership of the material, and that the material doesn't "infringe upon or violate the right of privacy or right of publicity of, or constitute a libel or slander against, or violate any common law or any other right of, any person or entity." The updated terms aren't much different. They still require an uploader to "represent that you own or otherwise have the intellectual property rights to submit such materials." And while the new TOU notes users "may have rights, however, under relevant legal exemptions to intellectual property rights in your nation" including "the right to fair use for criticism, parody, or newsworthiness," you still have to "warrant that you have a good faith belief that you have the right to share your content with us."
We’re still concerned that whistleblowers can never make these kinds of promises, particularly because the whole point of whistleblowing is to make private information public for the sake of the greater good. The changes to the Transparency Unit's terms haven't addressed this.
More Transparent About Anonymity and Confidentiality
The Transparency Unit has always maintained that it cannot guarantee anonymity and the new terms don't change that. However, they now provides links to two articles from EFF's Surveillance Self-Defense Guide, "Develop a Data Retention and Destruction Policy" and "Learn to Encrypt Your Internet Communications", to encourage users to take steps to protect themselves since Al-Jazeera can't do it for them.
Additionally, the Transparency Unit's website previously planted a trackable cookie on your web browser by default to allow Al-Jazeera "to provide restricted information to third parties." Now, Al-Jazeera promises that after 48 hours, it "makes anonymous, obfuscates, aggregates and/or deletes unneeded technical information." It also links to EFF's own "Best Practices for Online Service Providers" for a list of practices that Al-Jazeera says it "has mostly employed already."
Obviously, we're excited that Al-Jazeera is trying to follow EFF's recommendations for the Transparency Unit and keep its users informed about ways they can affirmatively protect their anonymity.
We applaud Al-Jazeera for taking our criticism to heart and changing its TOU to be more transparent about when it will disclose information, and encouraging users to take affirmative steps to protect their anonymity and confidentiality. We hope Safehouse will follow the Transparency Unit's lead.
Recent DeepLinks Posts
May 3, 2016
May 3, 2016
May 2, 2016
May 2, 2016
May 2, 2016
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- UK Investigatory Powers Bill
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Electronic Frontier Alliance
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games