EFF in the News
Terms-of-service agreements, which most Internet users consent to without even knowing it, do not explicitly ban pair testing. Rather, they ban the techniques that underlie it. CareerBuilder, the site that Villarreal used to look for work, has rules against providing false personal information and engaging in scraping, a method of automatically recording large amounts of data, even if that data is freely available. Other employment and housing sites—LinkedIn, Airbnb, Craigslist—have similar provisions. Companies say these rules are necessary to insure honest transactions. But digital-rights advocates point to a chilling effect: researchers, fearful of C.F.A.A. litigation, are deterred from uncovering discrimination online.
At least three Minnesota men have been charged with participating in a vast, secretive child pornography internet forum after being swept up in a far-reaching FBI sting considered the biggest hacking investigation in federal law enforcement history. Operation Pacifier has also triggered a series of legal challenges that are stirring constitutional debates over how law enforcement tries to smoke out criminals in the darkest corners of the web.
Though it doesn’t consider hacking to be an inappropriate law enforcement tool by itself, the Electronic Frontier Foundation (EFF) worries about the scope of Operation Pacifier. “It’s evidence of the need for greater restrictions on law enforcement using this type of hacking,” said Mark Rumold, senior staff attorney for the EFF. “That’s not what’s happening right now, which is the doors are going to be flung wide open and this is going to happen more and more.”
NSA general counsel, Glenn Gerstell, said in a statement that the agency “believes in strong encryption” while talking to the “Privacy vs. Security: Beyond the Zero-Sum Game” panel at the Cambridge Cyber Summit at MIT
Executive Director of Electronic Frontier Foundation (EFF), Cindy Cohn, an attendee of the panel, took an aggressive stand and told the NSA that when speaking of the term encryption, it should use asterisks. “I have been in meetings with people from the FBI and NSA and when they say we believe strong encryption what they mean is strong encryption that only THEY have access to. It sounds disingenuous; it seems that what they mean by strong encryption isn’t near the same as what the rest of us say,” Cohn said.
Circuit Judge Mayer made a much more drastic argument, saying that patents that constrain “essential channels of online communication” are antithetical to free speech. The implication is that for constitutional reasons, patents on common email antivirus software should be invalidated. Mayer’s approach potentially tosses out an entire category of software patents because of their effect on the Internet. A less extreme way of interpreting Mayer’s opinion is he only meant to make a policy argument, pointing out the importance of judging patents harshly. If courts aren’t strict with software patents related to the Internet, free speech is imperiled.
Federal agents revealed they used a controversial cellphone snooping device to hunt for a low-level accused drug dealer in a case that illustrates the creeping use of a terror-fighting tool to solve everyday crimes. The device was used by the Bureau of Alcohol, Tobacco, Firearms and Explosives to find and arrest Inkster resident Daiven Hollinshed late last month, according to federal search warrant records obtained by The Detroit News. The secret device, known as a Hailstorm or Stingray, masquerades as a cell tower and tricks nearby phones into providing location data and helped track Hollinshed to an Inkster home in September.
Andrew Crocker, staff attorney with the Electronic Frontier Foundation, said that the use of the word “directive” to describe the program indicated that the request may have been ordered under the section 702 of the 2008 Fisa Amendments Act, which allows the government to target non-US citizens abroad for surveillance.
Revelations by Edward Snowden about the Prism and Upstream programs – of which the Yahoo program looks like a hybrid, Crocker said – show that US citizens were also subject to mass surveillance.
The Electronic Frontier Foundation and others say the Reuters report, while incomplete, drives more distrust between US citizens, government spy agencies and one of the nation’s largest Internet companies. They assert, whatever the truth, American citizens have a constitutional right to know the truth.
See more at: Yahoo Slams Email Surveillance Story: Experts Demand Details https://wp.me/p3AjUX-vve
The NSA has lost some terrorists because of their adoption of strong encryption, but the agency is supportive of the use of the technology, it's top lawyer said. Glenn Gerstell, general counsel of the National Security Agency, speaking at the Cambridge Cyber Summit at MIT in Cambridge, Massachusetts, said the NSA sees ISIS terrorists using end-to-end encryption, and that has prevented the agency from finding out the key information about those bad actors.
Privacy advocate Cindy Cohn, executive director of the Electronic Frontier Foundation, listed some of the methods the government may use when encryption blocks access to information shared by suspects. "We know they purchase vulnerabilities and don't tell the companies their systems are vulnerable," she said.
The tech giant known for its laptops and printers made a controversial decision to quietly trigger a digital lock in the September firmware update. After the update, any customer who attempted to print with a non-HP cartridge would deactivate the printer and receive a cartridge replacement warning. The printer would not resume working until an HP brand cartridge was inserted.
"We should have done a better job of communicating about the authentication procedure to customers, and we apologize," HP said in a corporate blog post last Thursday.
According to the Tuesday report, Yahoo acceded to a 2015 government directive to give email access to the National Security Agency or the FBI. Reuters cited anonymous sources including two former employees and another person with knowledge of the events. Yahoo continues to face questions about a breach in 2014 that compromised at least 500 million accounts.