The Global Digital Download is a weekly publication that aggregates resources on Internet freedom, highlighting trends in digital and social media that intersect with freedom of expression, policy, privacy, censorship and new technologies. The GDD includes information about relevant events, news, and research. To find past articles and research, search the archive database.

Sign up here to receive the weekly Global Digital Download newsletter.

  • (The Wall Street Journal, Monday, April 21, 2014)

    The U.S. has agreed to give up supervision of the Internet policy-making body that controls domain names, hoping to satisfy countries that want more international control over the Internet. This week, Washington will find out if its actions have eased global tensions over its cyberspying activities. World representatives are arriving in Brazil for Net Mundial, a two-day meeting about Internet governance that starts Wednesday in São Paulo. The meeting comes amid fallout over spying by the U.S. National Security Agency that has renewed concerns over the U.S. government's credibility and over longtime U.S. oversight of the Internet.

  • (The New York Times, Sunday, April 20, 2014)

    A group of academics and computer enthusiasts who took part in the 2011 uprising in Tunisia that overthrew a government deeply invested in digital surveillance have helped their town become a test case for an alternative: a physically separate, local network made up of cleverly programmed antennas scattered about on rooftops. The State Department provided $2.8 million to a team of American hackers, community activists and software geeks to develop the system, called a mesh network, as a way for dissidents abroad to communicate more freely and securely than they can on the open Internet. One target that is sure to start debate is Cuba; the United States Agency for International Development has pledged $4.3 million to create mesh networks there.

  • (Neon Tommy, Saturday, April 19, 2014)

    For the past year, the Los Angeles police department has been discreetly implementing a state-of –the-art surveillance system.  The Persistent Surveillance Systems is a private company based in Ohio founded by ex-Air Force veteran Ross McNutt. The system is designed to record and track the movement of every single car and person out on the streets of the L.A.  With features of live streaming and recording capabilities, the security system basically serves as a special “Google Maps,” where the police can “go back in time” and rewind crimes to see before, during, and after the events.  

  • (ACLU, Friday, April 18, 2014)

    The government is using shaky legal arguments to silence major Internet companies without giving them – or the public – the opportunity to respond. In three separate recent cases, the government has sent a grand jury subpoena to Yahoo or Twitter and requested a gag order from a magistrate judge, attempting to bar these tech companies from informing the customers in question. To make matters worse, the government won't disclose its reasoning for requesting the gag, effectively shutting the public out of the courthouse without any explanation.

  • (ACLU, Thursday, April 17, 2014)

    It wasn't long ago that President Obama announced on Reddit, "We will fight hard to make sure that the internet remains the open forum for everybody - from those who are expressing an idea to those who want to start a business." The NSA's surveillance programs fly in the face of that commitment. And, more critically, they violate international law. A recent ACLU and Amnesty International submission to the Privacy and Civil Liberties Oversight Board (PCLOB) explains that Section 702 of FISA—enacted by Congress in 2008 to codify the Bush administration's warrantless wiretapping program—authorizes surveillance that is not only unconstitutional but that violates the long-established human right to privacy.

  • (Wired , Wednesday, April 16, 2014)

    A federal appeals court has upheld a contempt citation against the founder of the defunct secure e-mail company Lavabit, finding that the weighty internet privacy issues he raised on appeal should have been brought up earlier in the legal process. The decision disposes of a closely watched privacy case on a technicality, without ruling one way or the other on the substantial issue: whether an internet company can be compelled to turn over the master encryption keys for its entire system to facilitate court-approved surveillance on a single user. The case began in June, when Texas-based Lavabit was served with a “pen register” order requiring it to give the government a live feed of the email activity on a particular account. The feed would include metadata like the “from” and “to” lines on every message, and the IP addresses used to access the mailbox.

  • (ArsTechnica, Tuesday, April 15, 2014)

    With all of the talk of Facebook’s efforts to blanket the planet with drones that the company promises will provide global Wi-Fi accessibility, another technology leader, the US military’s Defense Advanced Research Projects Agency (DARPA), has also entered the drone Wi-Fi game. Through DARPA’s new “Mobile Hotspots Program,” the agency has planned to retrofit a fleet of aging RQ-7 shadow drones that were once deployed for various surveillance missions by the US military in Iraq. The repurposed drones will now be used to help the military carry out operations in remote locations that lack Internet connectivity.

  • (ProPublica, Tuesday, April 15, 2014)

    The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security. The United States spends more than $50 billion a year on spying and intelligence, while the folks who build important defense software — in this case a program called OpenSSL that ensures that your connection to a website is encrypted — are four core programmers, only one of who calls it a full-time job.

  • (The Guardian, Saturday, April 12, 2014)

    The CEOs of the major tech companies came out of the gate swinging 10 months ago, complaining loudly about how NSA surveillance has been destroying privacy and ruining their business. They still are. Facebook founder Mark Zuckerberg recently called the US a "threat" to the Internet, and Eric Schmidt, chairman of Google, called some of the NSA tactics "outrageous" and potentially "illegal". They and their fellow Silicon Valley powerhouses – from Yahoo to Dropbox and Microsoft to Apple and more – formed a coalition calling for surveillance reform and had conversations with the White House. But for all their talk, the public has come away empty handed. The USA Freedom Act, the only major new bill promising real reform, has been stalled in the Judiciary Committee. The House Intelligence bill may be worse than the status quo. Politico reported on Thursday that companies like Facebook and are now "holding fire" on the hill when it comes to pushing for legislative reform.

  • (The New York Times, Saturday, April 12, 2014)

    Stepping into a heated debate within the nation’s intelligence agencies, President Obama has decided that when the National Security Agency discovers major flaws in Internet security, it should — in most circumstances — reveal them to assure that they will be fixed, rather than keep mum so that the flaws can be used in espionage or cyberattacks, senior administration officials said Saturday. But Mr. Obama carved a broad exception for “a clear national security or law enforcement need,” the officials said, a loophole that is likely to allow the N.S.A. to continue to exploit security flaws both to crack encryption on the Internet and to design cyberweapons.

  • (ACLU, Friday, April 11, 2014)

    During the long, hard fight to bring the outdated Electronic Communications Privacy Act (ECPA) into the 21st century, advocates have run into the most unlikely of opponents: the Securities and Exchange Commission (SEC). Yes, the SEC—the agency charged with regulating the securities industry—has brought the ECPA update to a screeching halt. Yesterday the ACLU, along with the Heritage Foundation, Americans for Tax Reform and the Center for Democracy and Technology, sent the agency a letter calling them out on their opposition.

  • (Electronic Frontier Foundation, Friday, April 11, 2014)

    The Electronic Frontier Foundation (EFF) is urging a federal appeals court to reconsider its decision to order Google to take down the controversial "Innocence of Muslims" video while a copyright lawsuit—based on a claim that the Copyright Office itself has rejected—is pending. As EFF explains, the decision sets a dangerous precedent that could have disastrous consequences for free speech.

  • (Miami Herald, Thursday, April 10, 2014)

    Defenders of a U.S. government program for Cubans fired back in the U.S. Senate on Thursday, with Marco Rubio urging the Twitter-like platform be restored, and Bob Menendez asking for documents on all similar programs around the world. Menendez, chairman of the Senate Foreign Relations Committee, said he wants to figure out whether the ZunZuneo platform created by the U.S. Agency for International Development was consistent with USAID programs for Internet freedoms in other authoritarian countries.

  • (TIME, Thursday, April 10, 2014)

    Democrats and Republicans both say they want keep the Internet free and open for all. They disagree about who should guard the guards. House Republicans advanced legislation Thursday that they say will keep the Internet open and free from government censorship. Every Democrat on the panel considering the measure opposed it in service, they say, of the same goal. At issue is a question with profound implications for the future of global communications that delves into the deepest bowels of the Internet, and a version of the age-old question: Who guards the guards?

  • (The Guardian, Wednesday, April 9, 2014)

    The US has spied on the staff of prominent human rights organisations, Edward Snowden has told the Council of Europe in Strasbourg, Europe's top human rights body. Giving evidence via a videolink from Moscow, Snowden said the National Security Agency – for which he worked as a contractor – had deliberately snooped on bodies like Amnesty International and Human Rights Watch. He told council members: "The NSA has specifically targeted either leaders or staff members in a number of civil and non-governmental organisations … including domestically within the borders of the United States." Snowden did not reveal which groups the NSA had bugged.

  • (Wired , Wednesday, April 9, 2014)

    Gogo, the inflight Wi-Fi provider, is used by millions of airline passengers each year to stay connected while flying the friendly skies. But if you think the long arm of government surveillance doesn’t have a vertical reach, think again. Gogo and others that provide Wi-Fi aboard aircraft must follow the same wiretap provisions that require telecoms and terrestrial ISPs to assist U.S. law enforcement and the NSA in tracking users when so ordered. But they may be doing more than the law requires. According to a letter Gogo submitted to the Federal Communications Commission, the company voluntarily exceeded the requirements of the Communications Assistance for Law Enforcement Act, or CALEA, by adding capabilities to its service at the request of law enforcement. 

  • (ACLU, Tuesday, April 8, 2014)

    In the wake of the NSA revelations, there has been an avalanche of state bills requiring law enforcement to obtain a probable cause warrant before tracking an individual’s location in an investigation. Most state legislators know they can’t control the NSA—but they can control their state and local law enforcement, which are engaging in some of the same invasive practices. The trend actually started in the wake of the ACLU’s nationwide public records requests on location tracking and the 2013 U.S. v. Jones decision, when Montana and Maine enacted the first two location tracking laws in the country—the recent revelations have simply increased the momentum.

  • (Committee to Protect Journalists, Tuesday, April 8, 2014)

    Roger Shuler, whose blog, Legal Schnauzer, specializes in allegations of corruption and scandal in Republican circles in Alabama, was released from jail on March 26, 2014, after spending more than five months in prison on contempt of court charges. Shuler was arrested on October 1, 2013, for failing to comply with a preliminary injunction prohibiting him from publishing certain stories on his blog. A Shelby County judge ordered Shuler's release after his wife, Carol Shuler, removed most of the allegedly defamatory content, according to local news reports. The charges stemmed from a defamation suit brought by a local attorney, Robert Riley, Jr., son of a two-term former Alabama governor and a rumored future political candidate himself. The suit was related to Shuler's blog posts in July 2013 that claimed Riley had an extramarital affair and had paid for his mistress to have an abortion. Riley vehemently denied the allegations.

  • (Huffington Post, Tuesday, April 8, 2014)

    On this week's episode of "Conversations with Nicholas Kralev," Alec Ross, former senior adviser for innovation at the State Department, talks about the role of modern technology in achieving diplomatic objectives, empowering citizens around the world, and reconciling Internet freedom with U.S. government surveillance. Ross recounts both success stories during his tenure at Foggy Bottom, such as using mobile technology to ensure a "clean" independence referendum in South Sudan in 2011, and efforts that failed, including a program to pay electronically the salaries of soldiers in the Democratic Republic of the Congo (DRC).

  • (ArsTechnica, Monday, April 7, 2014)

    The Supreme Court declined Monday to resolve the constitutionality of the National Security Agency's bulk telephone metadata surveillance program, leaving intact what a lower-court judge described as an "almost-Orwellian" surveillance effort in which the metadata from every phone call to and from the United States is catalogued by US spies. The move by the justices comes as the Obama administration and Congress consider dramatically revamping the spy program disclosed in June by NSA whistleblower Edward Snowden.

  • (ArsTechnica, Monday, April 7, 2014)

    Late last month, we reported on new federal efforts to gain an expanded ability to conduct “remote access” searches under a warrant against a target computer whose location is unknown or outside of a given judicial district. The government’s proposed revisions to criminal rules will be discussed at an upcoming Department of Justice (DOJ) meeting later this month in New Orleans.If this rule revision were to be approved, it would standardize and expand federal agents’ ability to survey a suspect and to exfiltrate data from a target computer regardless of where it is. On Monday, the American Civil Liberties Union (ACLU) published a 21-page memorandum with comments and recommendation to the DOJ. Specifically, the ACLU fears “jurisdictional overreach,” which under the new rules would allow a magistrate judge in any district to impose a “remote access search warrant” in any other district. 

  • (Electronic Frontier Foundation, Friday, March 28, 2014)

    Last week we wrote about initial news reports that Microsoft had searched and disclosed the contents of a blogger’s Hotmail account as part of an internal investigation into the alleged theft of Microsoft source code and other trade secrets. Since then, EFF has been in touch with Microsoft to discuss our objections to the company’s policy regarding its access to user content. Today Microsoft announced a change to that policy: Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required.

  • (Center for Democracy & Technology, Friday, March 28, 2014)

    In a report published yesterday, the United Nations Human Rights Committee raised significant concerns about United States surveillance practices and urged the US to respect the privacy rights of all people, including those located outside of US territory. These “Concluding Observations” offer a summary of findings from the Committee’s review of US compliance with obligations under the human rights treaty the International Covenant on Civil and Political Rights (ICCPR). The US review, which took place in Geneva earlier this month, is one of the first times an international human rights body has examined the issue of mass surveillance in the post-Snowden era, and the findings provide an important basis for future work in human rights institutions on the right to privacy in the digital age. Since US law currently has few meaningful protections against spying on anyone outside the United States (unless they are US persons) international human rights institutions play a critical role in building accountability for cross-border surveillance

  • (The Wall Street Journal, Thursday, March 27, 2014)

    The U.S. Department of Justice is pushing to make it easier for law enforcement to get warrants to hack into the computers of criminal suspects across the country.The move, which would alter federal court rules governing search warrants, comes amid increases in cases related to computer crimes. Investigators say they need more flexibility to get warrants to allow hacking in such cases, especially when multiple computers are involved or the government doesn’t know where the suspect’s computer is physically located.

  • (The Guardian, Thursday, March 27, 2014)

    Ten months after Edward Snowden revealed that the NSA was collecting US telephone records in bulk, three sets of proposals have emerged to change the way the agency operates. All would end the data collection program in its current form, but there are crucial differences between the rival plans. We take a look at how the proposals compare in an infographic.

  • (The Wall Street Journal, Wednesday, March 26, 2014)

    Twitter bowed Wednesday to a Turkish government order to block access to allegations of government corruption, but stepped up a legal battle to overturn the order and restore access to Twitter service for its users in the country.The San Francisco-based microblogging service said in a blog post Wednesday that it has filed court petitions to challenge a six-day-old Turkish government effort to block access to Twitter—as well as challenging an individual order to remove an account that has accused a former government minister of corruption.

  • (Electronic Frontier Foundation, Wednesday, March 26, 2014)

    Join EFF on April 4th for 404 Day, a nation-wide day of action to call attention to the long-standing problem of Internet censorship in public libraries and public schools. In collaboration with the MIT Center for Civic Media and the National Coalition Against Censorship, we are hosting a digital teach-in with some of the top researchers and librarians working to analyze and push back against the use of Internet filters on library computers.

  • (The Daily Dot, Tuesday, March 25, 2014)

    Facebook and Google are both on the cusp of changing the way facial recognition technology is used. Facebook debuted its incredibly accurate facial recognition project, DeepFace, in a paper earlier this month. Though the project remains in research mode, it’s highly likely the social media company will put its 97.25 percent accuracy level to use in the future. And even though Google doesn’t allow facial recognition apps in its ecosystem, developers are readying sophisticated programs and databases that could make facial scanning and identification simple for Glass wearers. According to Jeffrey Chester, the executive director of the Center for Digital Democracy, both Facebook and Google turned down the opportunity to discuss those projects at a National Telecommunications & Information Administration stakeholder meeting that focused on the facial recognition topic.

  • (The New York Times, Monday, March 24, 2014)

    The Chinese government called on the United States on Monday to explain its actions and halt the practice of cyberespionage after news reports said that the National Security Agency had hacked its way into the computer systems of China’s largest telecommunications company. The reports, based on documents provided by the former security contractor Edward J. Snowden, related how the spy agency penetrated servers owned by the company, Huawei, and monitored communications by its senior executives in an effort to discover whether the executives had links to the Chinese military. The operation also sought to exploit the company’s technology and gain access to the communications of customers who use Huawei cellphones, fiber optic cables and network hubs.

  • (BBC, Monday, March 24, 2014)

    Net freedom could suffer after the US steps back from its role as ultimate overseer of the global network, former US President Bill Clinton has said.Many of the governments keen to help oversee the net just wanted to use it to silence dissent, he said. Mr Clinton made his comments during a debate sponsored by his charitable foundation, Clinton Global Initiative. The US had been a good steward of the net and had helped keep it open and accessible, he said.

  • (The New York Times, Monday, March 24, 2014)

    The Obama administration is preparing to unveil a legislative proposal for a far-reaching overhaul of the National Security Agency’s once-secret bulk phone records program in a way that — if approved by Congress — would end the aspect that has most alarmed privacy advocates since its existence was leaked last year, according to senior administration officials. Under the proposal, they said, the N.S.A. would end its systematic collection of data about Americans’ calling habits. 

  • (The Intercept, Saturday, March 15, 2014)

    On Wednesday, Glenn Greenwald and I revealed new details about the National Security Agency’s efforts to radically expand its ability to hack into computers and networks across the world. The story has received a lot of attention, and one detail in particular has sparked controversy: specifically, that the NSA secretly pretended to be a Facebook server in order to covertly infect targets with malware “implants” used for surveillance. This revelation apparently infuriated Facebook founder Mark Zuckerberg so much that he got on the phone to President Barack Obama to complain about it. “I’ve been so confused and frustrated by the repeated reports of the behavior of the US government,” Zuckerberg wrote in a blog post Thursday. “When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government.”

  • (The New York Times, Friday, March 14, 2014)

    It’s almost that time of year again. Wash off the car. Take the cover off the grill. And figure out who has access to your social accounts. Whether you realize it or not, dozens — if not hundreds — of apps and services have access to your social accounts and can see everything you’re doing online. Tweets, Likes, your location, are all there for the taking. What’s worse, there’s a pretty good chance you unwittingly gave them permission.

  • (Center for Democracy & Technology, Friday, March 14, 2014)

    In January, President Obama delivered a speech regarding the Snowden disclosures of excessive government surveillance; that speech described a review of big data practices in both the private and public sectors, to be headed by presidential counselor John Podesta. The first public event in that review, co-sponsored by MIT in Cambridge, took place last week with a particular focus on technical issues raised by big data practices. While we welcome the review, we hope that the final report will adopt the Fair Information Practice Principles (FIPPs) from the White House’s 2012 report on consumer privacy – which remain relevant even in a big data environment – and recommend limitations on pervasive collection and retention of consumer data.

  • (The New York Times, Friday, March 14, 2014)

    The United States will give up its role overseeing the system of Web addresses and domain names that form the basic plumbing of the Internet, turning it over in 2015 to an international group whose structure and administration will be determined over the next year, government officials said on Friday. Since the dawn of the Internet, the United States has been responsible for assigning the numbers that form Internet addresses, the .com, .gov and .org labels that correspond to those numbers, and for the vast database that links the two and makes sure Internet traffic goes to the right place.

  • (Electronic Frontier Foundation, Thursday, March 13, 2014)

    Representing a large group of top computer science experts and professors, the Electronic Frontier Foundation (EFF) today submitted a brief to a federal appeals court supporting the American Civil Liberties Union's lawsuit over the NSA's mass call records collection program. At the core of the brief is the argument that metadata matters.

  • (ArsTechnica, Thursday, March 13, 2014)

    In a new federal court filing, the Electronic Frontier Foundation has asked for a preservation order similar to one that it already received years ago in one National Security Agency-related case (Jewel v. NSA) to be extended to a second case (First Unitarian Church of Los Angeles et al v. NSA) that the group filed after the Snowden leaks began last summer. Such an order compels the government to retain everything it collected even after the standard five-year deletion period, so that the plaintiffs can pursue civil discovery and if necessary, prove that their calls were among those swept up.

  • (The Intercept, Wednesday, March 12, 2014)

    Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

  • (Index on Censorship, Wednesday, March 12, 2014)

    Index on Censorship had a Google Hangout on how to protect yourself from mass surveillance, and what you can do to demand the right to privacy from your government. Jim Killock, Executive Director at Open Rights Group, Mike Rispoli, Communications Manager at Privacy International, and Mike Harris, Campaign Director for Don’t Spy On Us share their thoughts on the unfolding fight to restrict mass surveillance.

  • (The Guardian, Tuesday, March 11, 2014)

    Edward Snowden chose to make his first public appearance since his spectacular ex-filtration of thousands of secret NSA documents to an audience of technology people at the annual SXSW Interactive festival in Austin, Texas on Monday.Snowden quickly explained why he’d opted to speak to this audience: SXSW’s technologists were “the people who can really fix” the deficiencies in the internet and its applications “to enforce our rights and protect standards, even though Congress hasn’t gotten to the point of doing that.” Spies have treated the internet as “an adversarial global freefire scenario, and we need to protect people against it. The NSA has advanced policies that erode Fourth Amendment protections through the proactive seizure of communications. This demands a policy response, but we need a technical response from makers. The NSA is setting fire to the future of the internet and you guys are the firefighters.”

  • (Electronic Frontier Foundation, Tuesday, March 11, 2014)

    This past Monday, the Human Rights Committee commenced its one hundredth and tenth session in Geneva from March 10-28.  During this session, the Committee will review the reports of several countries on how they are implementing the provisions of the International Covenant on Civil and Political Rights (ICCPR), an international human rights treaty and one of the bedrocks of human rights protections. We are pleased that the Human Rights Committee has the opportunity to clarify the scope of United States legal obligations under Article 17 on the right to privacy, especially in light of the recent revelations on mass surveillance leaked by Edward Snowden. Worldwide, the general public is privy to the fact that several US programs have the potential for serious privacy rights violations in the form of mass surveillance both at home and abroad; a blatant violation of the United States' ICCPR obligations.

  • (Center for Democracy & Technology, Tuesday, March 11, 2014)

    The Supreme Court has been doing a pretty good job of resisting government arguments that interpretation of the Fourth Amendment should ignore the implications of modern technology. This year, the Court is being urged by the government in a pair of cases to limit privacy rights by extending to cell phones another doctrine from centuries past, the “search-incident-to-arrest” exception to the Fourth Amendment’s warrant clause. As a general rule, the Fourth Amendment requires police to obtain a warrant from a judge before conducting a search, including before asking you to empty your pockets. However, there has long been an exception to this rule, allowing the police, when they arrest someone, to search the arrestee and any items in his immediate possession and to seize any weapons or evidence that the person might have.

  • (Center for Democracy & Technology, Tuesday, March 11, 2014)

    With more interactions between educators and students taking place online and through apps, increasing amounts of sensitive data are collected, retained, and used by schools and companies. Data related to education tends to be very personal, so the need for appropriate standards on protecting this data are important to encourage greater adoption of educational technologies. To that end, the Department of Education (DoE) recently released a report on requirements and best practices in protecting student privacy while using online educational services. The report is a good step towards promoting effective privacy and security standards, but in order to effectively protect students, DoE should also update existing regulations and pursue enforcement actions against providers that don’t measure up.

  • (The New York Times, Monday, March 10, 2014)

    It is not hard to understand why veterans of the National Security Agency argue that 2013 was the worst year since Harry S. Truman got the place running 62 years ago. The man chosen by Mr. Obama to navigate this bureaucratic, political and public relations disaster is Vice Adm. Michael S. Rogers, who on Tuesday will face members of the Senate at his confirmation hearing, an event not likely to be accompanied by the thunderous applause that greeted Mr. Snowden in Texas. Friends of Admiral Rogers in the intelligence community, who have worked with him in his current job running the Navy’s Fleet Cyber Command, say they wonder whether he has a sense of what he is wading into.

  • (The Guardian, Friday, March 7, 2014)

    The Wikileaks founder Julian Assange on Saturday told an audience in Texas that people power is the key to rolling back the power of the National Security Agency and other surveillance agencies. “We have to do something about it. All of us have to do something about it,” he said, in an interview at the SXSW conference in Austin. “How can individuals do something about it? Well, we’ve got no choice.”

  • (ArsTechnica, Friday, March 7, 2014)

    Last month, in a filing with the notoriously secretive Foreign Intelligence Surveillance Court (FISC), the United States said that it wants to keep existing records beyond the existing five-year limit due to the handful of lawsuits challenging the National Security Agency’s bulk metadata collection program. But on Friday, in a win for civil liberties advocates, a FISC judge denied that motion.

  • (The Guardian, Friday, March 7, 2014)

    Cross-border data-sharing mechanisms - a critical part in both online and non-internet crime investigations - have come under threat since the Edward Snowden leaks. Even though information-sharing deals covering banking and airline passenger data just about survived calls to suspend them, the Snowden files have caused problems for collaboration between public and private bodies. The heightened tensions lie not between law enforcement agencies, but between police and other organisations that potentially hold valuable information for investigations.

  • (Electronic Frontier Foundation, Wednesday, March 5, 2014)

    The U.S. Attorney for the Northern District of Texas today filed a motion to dismiss 11 charges against Barrett Brown in a criminal prosecution that would have had massive implications for journalism and the right of ordinary people to share links. Brown, an independent journalist, was prosecuted after he shared a link to thousands of pages of stolen documents in an attempt to crowdsource the review of those documents—a common technique for many journalists. The records came from the US government contractor, Stratfor Global Intelligence and documented discussions of assassination, rendition and how to undermine journalists and foreign governments. They also included thousands of stolen credit card numbers. Brown had no involvement in the hack, but was charged nonetheless with identity theft.

  • (PR Newswire, Tuesday, March 4, 2014)

    Researchers at the School of Information Studies (iSchool) at Syracuse University have released an innovative proposal to resolve the 15-year controversy over the United States government's special relationship to the Internet Corporation for Assigned Names and Numbers (ICANN). The proposal, which involves removing root zone management functions from ICANN and creating an independent and neutral private sector consortium to take them over, will be presented at the Singapore ICANN meeting March 21, and then formally submitted to the "NETMundial" Global Multistakeholder Meeting on the Future of Internet Governance in SaoPaulo, Brazil, to be held April 23 and 24.

  • (The New York Times, Monday, March 3, 2014)

    Since its inception several years ago, Massachusetts Institute of Technology's free open online course system, MITx has attracted more than 760,000 unique registered users from about 190 countries, university officials said. Those users have generated 700 million interactions with the school’s learning system and have contributed around 423,000 forum entries, many of them quite personal. As researchers contemplate mining the students’ details, however, the university is grappling with ethical issues raised by the collection and analysis of these huge data sets, known familiarly as Big Data, said L. Rafael Reif, the president of M.I.T.

  • (Electronic Frontier Foundation, Monday, March 3, 2014)

    The Electronic Frontier Foundation (EFF) filed two briefs on Friday challenging secret government demands for information known as National Security Letters (NSLs) with the Ninth Circuit Court of Appeals.  The briefs—one filed on behalf of a telecom company and another for an Internet company—remain under seal because the government continues to insist that even identifying the companies involved might endanger national security.  While the facts surrounding the specific companies and the NSLs they are challenging cannot be disclosed, their legal positions are already public: the NSL statute is a violation of the First Amendment as well as the constitutional separation of powers.

  • (Electronic Frontier Foundation, Monday, March 3, 2014)

    President Obama has nominated former SOPA lobbyist Robert Holleyman to join the team of U.S. negotiators leading the Trans-Pacific Partnership (TPP) talks. If confirmed by the Senate, the former chief executive officer of the Business Software Alliance (BSA) would serve as a Deputy to the U.S. Trade Representative. Coincidentally, the current head of the BSA is former White House IP Czar Victoria Espinel. Holleyman is an interesting choice for the Obama administration, given the current standstill in TPP negotiations. Reports from the TPP ministerial meeting last weekend said that nothing substantive came out of those talks and that an end date for this sprawling deal is growing increasingly uncertain. One of the many topics of contention is the copyright enforcement sections. On these, the U.S. refuses to agree to provisions that would allow signatory countries flexibility in their copyright regimes.

  • (Nieman Journalism Lab, Monday, March 3, 2014)

    Some people who scrape and publish information from the Internet go to jail. Others produce great journalism. It’s easy to understand why you might want to know which person you are — and whether or not you’re protected from prosecution or not — but that can be a difficult task. Issac Wolf is a Scripps News reporter who garnered some attention last spring when he reported on a major security breach at a company called TerraCom. In the course of a typical PDF search, Wolf discovered that personal information including Social Security numbers, addresses, and other account information had been left vulnerable. Publishing his findings led Wolf and his colleagues to be branded as “hackers.” Sarah Laskow wrote in CJR that the Scripps case may well be the first time a journalist was threatened under the Computer Fraud and Abuse Act.

  • (Pew Research, Thursday, February 27, 2014)

    This report is the first part of a sustained effort through 2014 by the Pew Research Center to mark the 25th anniversary of the creation of the World Wide Web by Sir Tim Berners-Lee. Lee wrote a paper on March 12, 1989 proposing an “information management” system that became the conceptual and architectural structure for the Web.  He eventually released the code for his system—for free—to the world on Christmas Day in 1990. It became a milestone in easing the way for ordinary people to access documents and interact over a network of computers called the internet—a system that linked computers and that had been around for years. The Web became especially appealing after Web browsers were perfected in the early 1990s to facilitate graphical displays of pages on those linked computers.

  • (Neiman Journalism Lab, Thursday, February 27, 2014)

    The Knight Foundation wants to delay the death of the Internet as we know it — at least for a little while longer.Today Knight is launching the latest installment of its Knight News Challenge, and this round will focus on a subject on many minds these days: how best to support a free and open Internet. Specifically, Knight is asking people how they would answer this question: “How can we strengthen the Internet for free expression and innovation?” Those who come up with a good answer — or at least an idea that can pass muster with Knight’s experts and advisers — will get a share of $2.75 million.

  • (The Guardian, Thursday, February 27, 2014)

    Increasingly, we are watched not by people but by algorithms. Amazon and Netflix track the books we buy and the movies we stream, and suggest other books and movies based on our habits. Google and Facebook watch what we do and what we say, and show us advertisements based on our behavior. Documents provided by Edwards Snowden and revealed by the Guardian today show that the UK spy agency GHCQ, with help from the NSA, has been collecting millions of webcam images from innocent Yahoo users. And that speaks to a key distinction in the age of algorithmic surveillance: is it really okay for a computer to monitor you online, and for that data collection and analysis only to count as a potential privacy invasion when a person sees it? I say it’s not, and the latest Snowden leaks only make more clear how important this distinction is.

  • (Poynter, Thursday, February 27, 2014)

    In Wednesday’s decision on Garcia v. Google Inc., a three-judge panel for the Ninth U.S. Circuit Court of Appeals ordered YouTube to remove the video “Innocence of Muslims” from its platform. It also reinstated Cindy Lee Garcia’s copyright lawsuit against Google. The 2012 video, created by filmmaker Mark Basseley Youssef, led to riots and deaths throughout the Middle East. The 13-minute film depicts the Prophet Mohammed as a “fool and a sexual deviant.” President Obama and other world leaders had asked YouTube to take down the video, but YouTube resisted due to “unwarranted government censorship” that “would violate the Google-owned company’s free speech protections.”

     

  • (Electronic Frontier Foundation, Thursday, February 27, 2014)

    It's time for Congress to follow the Sixth Circuit's lead and update one of the main online privacy laws—the Electronic Privacy Communications Act (ECPA). In the past, the Department of Justice has used the archaic law to obtain private online communications without obtaining a probable cause warrant as the Fourth Amendment requires. A bill co-sponsored by Reps. Kevin Yoder, Tom Graves, and Jared Polis—HR 1852, The Email Privacy Act—seeks to update ECPA by requiring a probable cause warrant whenever the government wants to access your online private messages. ECPA must be updated because the government has used the law to obtain private online messages—like personal email accounts or our social media messages—older than 180 days without a probable cause warrant. The government would have to obtain a warrant if those same messages were printed out on your desk. This difference shouldn't exist. By cosponsoring The Email Privacy Act, the government can no longer neglect the fact that Fourth Amendment protections do not whither with age.

     

  • (The Guardian, Thursday, February 27, 2014)

    Britain's surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal. GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

  • (Citizen Lab, Wednesday, February 26, 2014)

    Remote Control Systems’s (RSCs) use of third-country proxy servers to launder data from infected computers back to the government operator of the spyware raises a number of questions.  First, how are the third-country proxies selected?  Are the proxy locations selected by Hacking Team itself, or its government clients?  If Hacking Team selects the locations, does it inform its clients of these?  How does Hacking Team represent itself when engaging with a hosting company to procure servers for use as proxies?  Does Hacking Team evaluate the laws of the countries in which it employs servers to determine the legality of their use for surveillance?  The answers to these questions have important legal and policy implications.

  • (The Wall Street Journal, Wednesday, February 26, 2014)

    Boeing Co. filed plans this week with the Federal Communications Commission for a smartphone dubbed Boeing Black, which is designed for defense and security customers and won't be available to average consumers. The phone is based on a modified version of Google Inc.'s Android operating system. It takes Boeing beyond the jumbo jets, fighter planes and satellites for which it is known.

  • (Wired, Friday, February 21, 2014)

    AT&T this week released for the first time in the phone company’s 140-year history a rough accounting of how often the U.S. government secretly demands records on telephone customers. But to those who’ve been following the National Security Agency leaks, Ma Bell’s numbers come up short by more than 80 million spied-upon Americans. AT&T’s transparency report counts 301,816 total requests for information — spread between subpoenas, court orders and search warrants — in 2013. That includes between 2,000 and 4,000 under the category “national security demands,” which collectively gathered information on about 39,000 to 42,000 different accounts. There was a time when that number would have seemed high. Today, it’s suspiciously low, given the disclosures by whistleblower Edward Snowden about the NSA’s bulk metadata program. We now know that the secretive Foreign Intelligence Surveillance Court is ordering the major telecoms to provide the NSA a firehose of metadata covering every phone call that crosses their networks. An accurate transparency report should include a line indicating that AT&T has turned over information on each and every one of its more than 80 million-plus customers. It doesn’t.

  • (Wired , Wednesday, February 19, 2014)

    Sometimes the most interesting part of a classified document is what is blacked out. That’s where you can tell, by context, what kind of information is still considered too secret for public consumption. Responding to the revelations from NSA whistleblower Edward Snowden, the U.S. government has provided unprecedented transparency about the nation’s spying apparatus—all in a bid to quell public dissent—by releasing thousands of pages of once-classified documents. The government even has released formerly secret documents criticizing itself for breaching Americans’ privacy rights while also divulging the once-secret legal basis for its bulk telephone metadata collection program. But many documents contain redactions—or black marks—in key places. As of January, the government said it has released 2,700 pages of once-classified documents, including 44 Foreign Intelligence Surveillance Court opinions and orders, 11 government filings to that court, 24 once-classified documents provided to Congress, and 20 other reports that include training slides and other materials. Clearly, the documents shed light on the NSA, although plenty of secrets remain secret.

  • (The Guardian, Wednesday, February 19, 2014)

    Google is planning to offer high-speed internet service in 34 more cities scattered across eight states in the company’s boldest challenge yet to cable and telecommunications providers. The ambitious expansion announced Wednesday targets Arizona, California, Georgia, Tennessee, North Carolina, Oregon, Texas and Utah. The markets span some of the largest cities in the US. They include: Atlanta, San Jose, California, Phoenix; San Antonio; Portland, Oregon, and Salt Lake City. The company also hopes to bring the internet service, called “Google Fiber,” to its hometown of Mountain View, California. The blueprint is tentative because Google Inc needs to work out logistics with government leaders in the communities where it hopes to build the networks needed to deliver its service. The company hopes to provide updates by the end of the year. The plans are the clearest sign yet that Google, already the internet’s most powerful internet company, intends to become a bigger player in providing access to the internet, too.

  • (Electronic Frontier Foundation, Wednesday, February 19, 2014)

    The net neutrality fight is moving in new directions, and quickly. Today FCC Chair Tom Wheeler announced that the FCC would press forward with new “Open Internet” rules, undeterred by last month’s court decision striking down most of the old ones. Last week, Comcast and Time Warner Cable announced plans to merge. The merger would create the largest Internet Service Provider (ISP) in the nation, with five times the subscribers of its closest competitor. With only one or two broadband providers available in most parts of the country, prices may soar while the quality of services plummets. A lack of competition raises serious concerns that huge ISPs will be able to favor particular sites and services. Wheeler’s announcement today included a strong commitment to promoting the piece of the Open Internet rules that did survive judicial review: transparency. Unfortunately, even “transparency” is tougher to enforce than many might think. That’s because so much of our connectivity depends on essentially secret “peering” agreements between providers.

  • (Electronic Frontier Foundation, Wednesday, February 19, 2014)

    The net neutrality fight is moving in new directions, and quickly. Today FCC Chair Tom Wheeler announced that the FCC would press forward with new “Open Internet” rules, undeterred by last month’s court decision striking down most of the old ones. Last week, Comcast and Time Warner Cable announced plans to merge. The merger would create the largest Internet Service Provider (ISP) in the nation, with five times the subscribers of its closest competitor. With only one or two broadband providers available in most parts of the country, prices may soar while the quality of services plummets. A lack of competition raises serious concerns that huge ISPs will be able to favor particular sites and services. Wheeler’s announcement today included a strong commitment to promoting the piece of the Open Internet rules that did survive judicial review: transparency. Unfortunately, even “transparency” is tougher to enforce than many might think. That’s because so much of our connectivity depends on essentially secret “peering” agreements between providers.

  • (The New York Times, Tuesday, February 18, 2014)

    Obama administration officials said Tuesday that the president continues to support a free and open Internet but that he cannot order the Federal Communications Commission to reclassify broadband service as a utility that is subject to the same rules and rate regulation as local telephone service. The statement was a response to an online petition that has attracted more than 105,000 signatures since Jan. 14, when a federal appeals court ruled that the F.C.C. had overstepped its authority in drafting rules requiring Internet service providers to treat equally all traffic that passes through their pipes, rather than giving priority to some traffic — presumably from companies willing to pay for the privilege. In a post on the White House blog, the officials said President Obama “strongly supports” the promised effort of the F.C.C. chairman, Tom Wheeler, “to use the authority granted by Congress to maintain a free and open Internet.”

  • (The New York Times, Sunday, February 9, 2014)

    In his first 100 days as the chairman of the Federal Communications Commission, Tom Wheeler persuaded mobile phone companies to agree on rules about unlocking consumers’ phones, cemented an effort to increase the reliability of calls to 911, proposed tests to do away with old-fashioned telephone networks and freed $2 billion to connect schools and libraries to the Internet. Those were the easy tasks. In the coming days, the telecommunications, media and Internet industries will be watching to see how Mr. Wheeler responds to last month’s federal appeals court decision that invalidated the rules created by the F.C.C. in 2011 to maintain an open Internet. Mr. Wheeler has said that he views the decision, which many people saw as a setback for the agency, as an opportunity. He contends he can use it to assert the commission’s broad legal authority to enforce equality and access throughout the networks on which Internet traffic travels — a concept known as net neutrality.

  • (The New York Times, Saturday, February 8, 2014)

    Intelligence officials investigating how Edward J. Snowden gained access to a huge trove of the country’s most highly classified documents say they have determined that he used inexpensive and widely available software to “scrape” the National Security Agency’s networks, and kept at it even after he was briefly challenged by agency officials. Using “web crawler” software designed to search, index and back up a website, Mr. Snowden “scraped data out of our systems” while he went about his day job, according to a senior intelligence official. “We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the official said. The process, he added, was “quite automated.” The findings are striking because the N.S.A.’s mission includes protecting the nation’s most sensitive military and intelligence computer systems from cyberattacks, especially the sophisticated attacks that emanate from Russia and China. Mr. Snowden’s “insider attack,” by contrast, was hardly sophisticated and should have been easily detected, investigators found.

  • (TechDirt, Thursday, February 6, 2014)

    I've already written one piece about Cory Doctorow's incredible column at the Guardian concerning digital rights management and anti-circumvention, in which I focused on how the combination of DRM and anti-circumvention laws allows companies to make up their own copyright laws in a way that removes the rights of the public. Those rights are fairly important, and the reason we have them encoded within our copyright laws is to make sure that copyright isn't abused to stifle speech. But, anti-circumvention laws combined with DRM allow the industry to route around that entirely. But there's a second important point in Doctorow's piece that is equally worth highlighting, and it's that the combination of DRM and anti-circumvention laws make all of our computers less safe. For this to make sense, you need to understand that DRM is really a form of security software.

  • (The New York Times, Wednesday, February 5, 2014)

    The Federal Communications Commission will complete changes this spring in the federal program to connect schools and libraries to high-speed Internet service and separately will consider increasing the tax paid by consumers or phone companies to finance the effort, the agency’s chairman, Tom Wheeler, said Wednesday. In an address as part of Digital Learning Day, a national program focused on online education, Mr. Wheeler said that any increase in the tax would be preceded by a restructuring of how the current $2.4 billion annual program spends its money. Only about half of the program, known as E-rate, currently pays for broadband connections; some of it pays for outdated technologies like pagers and dial-up connections. “We have identified opportunities for greater productivity within the program, including significant improvements to the way funds are deployed,” Mr. Wheeler said at an event at the Library of Congress. Following the restructuring, he added: “Should it be necessary to increase the permanent funding levels for the E-rate program, we will do what is appropriate.”

  • (The Hill, Wednesday, February 5, 2014)

    The House Homeland Security Committee voted unanimously Wednesday to approve a bill to secure the federal government and critical infrustrature elements from cyberattacks. The bill — H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act, backed by Committee Chairman Michael McCaul (R-Texas) and Rep. Patrick Meehan (R-Pa.), chairman of the Subcommittee on Cybersecurity — would push the Department of Homeland Security to strengthen and codify it cybersecurity standards for the federal government and critical infrastructure networks. McCaul cited the varied support for the bill, including members in both parties and privacy advocates. The bill "establishes equal cybersecurity partnerships between private industry and DHS, while ensuring Americans’ civil liberties are protected," he said. “We cannot wait for a major attack to take action, and I am pleased that the Committee today unanimously passed legislation that improves DHS’s ability to defend against the many threats to our critical infrastructure." Responding to the vote on his bill, Meehan pointed to the recent series of high profile data breaches at major U.S. retailers, impacting the sensitive financial and personal information of millions of Americans.

  • (Dave's Blog, Wednesday, February 5, 2014)

    I usually don’t post articles about current affairs. However, a recent series of events has inspired me to write about this. Towards the end of January, the president of our company – iScan Online, Inc., was complaining that our service was experiencing major slowdowns. I investigated the issue, but I couldn’t find anything wrong with our production environment. We were stumped. One evening I also noticed a slowdown while using our service from my house. I realized that the one thing in common between me and our president was that we both had FiOS internet service from Verizon. Since we host all of our infrastructure on Amazon’s AWS – I decided to do a little test – I grabbed a URL from AWS S3 and loaded it.

  • (The New York Times, Saturday, February 1, 2014)

    One of the most disturbing aspects of the surveillance programs revealed by Edward Snowden is how little we knew about the information federal agencies have collected about millions of people. That is partly because these agencies have put severe limits on how much private telephone and Internet companies can disclose about the data they have been ordered to turn over to the government. A server aisle at Google’s data center in Mayes County, Okla. The green lights are the server status LEDs.U.S. Relaxes Some Data Disclosure RulesJAN. 27, 2014
    Last week, the attorney general and the director of national intelligence said they would let the companies reveal some things but not, regrettably, nearly enough. Companies can now give the public a better idea of how often federal agencies request information from them. But they can’t reveal what kinds of information, and how much, they dredge up. The government devised the new rules to settle a lawsuit from technology companies like Google and Facebook. They also amount to another missed opportunity by the Obama administration to fix the legally dubious way in which the government gathers intelligence.

  • (The New York Times, Saturday, February 1, 2014)

    The Federal Communications Commission will double the amount of money it devotes to adding high-speed Internet connections in schools and libraries over the next two years, in an effort to meet President Obama’s promise to provide broadband service for an estimated 20 million American students in 15,000 schools, officials said Saturday. Financing for the new spending will come from restructuring the $2.4 billion E-Rate program, which provides money for “advanced telecommunications and information services” using the proceeds of fees paid by telecommunications users. The proportion that goes to broadband service in schools and libraries will increase to $2 billion a year from $1 billion. Mr. Obama referred to the changes during his State of the Union address last week. The changes will not require any additional taxes or assessments, according to an F.C.C. official who spoke on the condition of anonymity because a formal announcement was being planned for this week. The E-Rate program is part of the Universal Service Fund, which also provides money to connect rural areas and low-income people to phone and Internet service using money raised through fees on consumers’ phone bills. The commission’s chairman, Tom Wheeler, is expected to announce details of the plan on Wednesday at an event for Digital Learning Day, which promotes the use of technology in education.

  • (ArsTechnica, Friday, January 31, 2014)

    President Barack Obama today spoke about the recent court decision that gutted the nation's network neutrality law, saying that he expects the FCC to take action to preserve the open Internet, which proved crucial in his presidential campaign. "It's something that I've cared deeply about ever since I ran for office, in part because my own campaign was empowered by a free and open Internet and the ability for citizens all across the country to engage and create and find new ways and new tools to mobilize themselves," Obama said. "A lot of that couldn't have been done if there were a lot of commercial barriers and roadblocks and so I've been a strong supporter of net neutrality." The Federal Communications Commission passed the current net neutrality rules, via the Open Internet Order, in 2010 during Obama's first term. The rules prevented Internet service providers from blocking Web applications or charging for access to the network. Verizon challenged the rules and got them overturned, but the FCC could rewrite the order to put it on a more solid legal footing.

  • (CBC News, Thursday, January 30, 2014)

    A top secret document retrieved by U.S. whistleblower Edward Snowden and obtained by CBC News shows that Canada's electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal. After reviewing the document, one of Canada's foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada (CSEC) was almost certainly illegal. Ronald Deibert told CBC News: "I can't see any circumstance in which this would not be unlawful, under current Canadian law, under our Charter, under CSEC's mandates." The spy agency is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.

  • (The Guardian, Thursday, January 30, 2014)

    Academics across the world are up in arms at a proposal to bar the senior members of the International Studies Association (ISA) from blogging. The proposal says: "No editor of any ISA journal or member of any editorial team of an ISA journal can create or actively manage a blog unless it is an official blog of the editor's journal or the editorial team's journal. This policy requires that all editors and members of editorial teams to apply this aspect of the code of conduct to their ISA journal commitments. All editorial members, both the editor in chief(s) and the board of editors/editorial teams, should maintain a complete separation of their journal responsibilities and their blog associations." Many members of the ISA, a professional association for scholars, practitioners and students in the field of international studies with more than 6,000 members from 80 countries, have erupted in protest at the proposal, reports Inside Higher Ed. It quotes three critics

  • (Mashable, Thursday, January 30, 2014)

    A group of 86 organizations, with the support of more than one million signatures from online petitions, asked the Federal Communications Commission on Thursday to stand up for net neutrality. The coalition, which includes Reddit, the American Civil Liberties Union, Fight for The Future and Free Press, is asking the FCC to reclassify broadband companies such as Internet ISPs and cable providers as "telecommunication services," thus giving the commission the authority to impose net neutrality rules on them. "It’s time for the new FCC leadership to correct the agency’s past mistakes and reassert its clear authority over our nation’s communications infrastructure," read a letter signed by the 86 organizations and sent to the FCC on Thursday. "To preserve the open Internet, the FCC must reclassify the transmission component of broadband Internet access as a telecommunications service." When a D.C. Appeals Court struck down net neutrality rules just more than two weeks ago, Internet freedom advocates sounded the alarm.

  • (New America, Monday, January 27, 2014)

    On June 5, 2013, the Guardian broke the first story in what would become a flood of revelations regarding the extent and nature of the NSA's surveillance programs. Facing an uproar over the threat such programs posed to privacy, the Obama administration scrambled to defend them as legal and essential to US national security and counterterrorism. Two weeks after the first leaks by former NSA contractor Edward Snowden were published, President Obama defended the NSA surveillance programs during a visit to Berlin, saying: "We know of at least 50 threats that have been averted because of this information not just in the United States, but, in some cases, threats here in Germany. So lives have been saved."

  • (Online Trust Alliance, Monday, January 27, 2014)

    As society and business become increasingly reliant on data, the threat landscape continues to exponentially expand. Online services introduce stronger and more innovative defenses against cybersecurity threats with each passing year. Unfortunately, cybercriminals simultaneously create new techniques and
    deceptive tactics that outpace such efforts. The result underscores the need for businesses to make security and data protection a priority, and to be prepared for a breach incident. The 2014 Data Protection & Breach Readiness Guide (Guide) is designed to help businesses, app developers and service providers understand the issues, considerations and solutions that will enhance their data protection practices and enable them to develop readiness plans in the event they incur a data loss incident.

  • (The New York Times, Monday, January 27, 2014)

    The Obama administration says it will allow Internet companies to give customers a better idea of how often the government demands their information, but will not allow companies to disclose what is being collected or how much. The new rules — which have prompted Google, Microsoft, Yahoo and Facebook to drop their respective lawsuits before the nation’s secret surveillance court — also contain a provision that bars start-ups from revealing information about government requests for two years. Attorney General Eric H. Holder Jr. and James R. Clapper, director of national intelligence, said the new declassification rules were prompted by President Obama’s speech on intelligence reform earlier this month. “Permitting disclosure of this aggregate data addresses an important area of concern to communications providers and the public,” Mr. Holder and Mr. Clapper said in a joint statement.

  • (Al Jazeera America, Saturday, January 25, 2014)

    The open Internet has provided people of color and other marginalized groups an unprecedented opportunity to tell their own stories and to organize for racial and social justice. The principle of the open Internet, sometimes referred to as “Net neutrality,” prevents Internet service providers (ISPs) from interfering with, blocking or discriminating against Web content. Several advocacy groups have used the open Internet to organize online campaigns to protest against racism, hate speech and unfair treatment of immigrants. For example, Color of Change, an online advocacy organization, uses the open Internet as a tool to empower the black community to speak out against injustice and to make government more responsive to its concerns. The immigrant-rights group Presente has organized online campaigns to challenge inhumane immigration policies. Colorlines, a daily news website that focuses on racial justice, relies on the open Internet as a platform to report on critical stories often ignored by the mainstream media. But this may all come to an end.

  • (Center for Democracy and Technology, Friday, January 24, 2014)

    The collective IQ of the voices calling for overhaul of surveillance practices just shot through the roof. Today, a group of 50 leading academic researchers in information security and cryptography released an important open letter that condemns mass surveillance. It calls on the US Government to stop these activities and reject them in favor of an Internet that is secure and privacy preserving. Their most important point is: “We urge the US government to reject society-wide surveillance and the subversion of security technology, to adopt state-of-the-art, privacy-preserving technology, and to ensure that new policies, guided by enunciated principles, support human rights, trustworthy commerce, and technical innovation.” While the Obama Administration recognizes that bulk collection must be reformed, unfortunately, there has been far less discussion regarding the key security standards underpinning digital services. As we noted in our scorecard comparing President Obama’s surveillance reform speech last week and the recommendations of the President’s NSA Review Group, the Administration has made no clear commitments to cease activities that undermine communications security, security standards, and the security of software products. Instead, it seems as though they will continue to horde vulnerabilities and bugs that should be reported to software developers so they get patched

  • (ArsTechnica, Thursday, January 23, 2014)

    On June 5, 2013, the British newspaper The Guardian published the first of a series of articles based on unauthorized disclosures of classified documents by Edward Snowden, a contractor for the National Security Agency (“NSA”). The article described an NSA program to collect millions of telephone records, including records about purely domestic calls. Over the course of the next several days, there were additional articles regarding this program as well as another NSA
    program referred to in leaked documents as “PRISM.” These disclosures caused a great deal of concern both over the extent to which they damaged national security and over the nature and scope of the surveillance programs they purported to reveal. Subsequently, authorized disclosures from the government confirmed both programs. Under one, the NSA collects telephone call records or metadata – but not the content of phone conversations —covering the calls of most Americans on an ongoing basis, subject to renewed approvals by the Foreign Intelligence Surveillance Court (“FISC” or “FISA court”). This program was approved by the FISC pursuant to Section 215 of the USA PATRIOT Act (“Patriot Act”). Under the second program, the government collects the content of electronic communications, including phone calls and emails, where the targets are reasonably believed to be non-U.S. persons located outside the United States. Section 702 of the FISA Amendments Act is the basis for this program.

  • (Save The Internet, Wednesday, January 22, 2014)

    After five years of advocating for Net Neutrality, I realize that many people have never heard of the concept. Even among folks who are familiar with the term, there is quite a bit of confusion about the details. Really the concept is quite simple, though it does require a basic understanding of how the Internet works. So here goes. We as consumers pay broadband Internet providers like Comcast, Time Warner Cable, AT&T and Verizon to provide us with connections to the Internet. Most of us have only one or two choices when it comes to home broadband Internet service providers. And usually these Internet connections are very expensive. In fact, broadband in the U.S. is exponentially more expensive (and slower) than in many other countries around the globe. These broadband providers are distinct from Internet content and application providers such as Facebook, YouTube, Netflix and any host of blogs, etc., that we enjoy over our broadband connections. These content and application providers, commonly referred to as “edge providers,” also pay broadband providers for their Internet connections. The FCC’s Net Neutrality rules accomplished three critical goals.

  • (Michael Geist, Wednesday, January 22, 2014)

    Graham Henderson, the head of the Music Canada (formerly the Canadian Recording Industry Association) wrote a blog post late last year lamenting musicians' earnings, a situation he blames on the Internet allowing a few to "amass staggering, unprecedented wealth" while musicians toil for tiny incomes. Leaving aside the facts that the Canadian music industry experienced increased digital sales last year (while sales declined in the U.S.) and that the Ontario government is handing out tens of millions of tax dollars to the industry, Henderson now says the government needs to step in and regulate the Internet. According to Music Canada, government support must be complimented by: judicious and reasonable regulation of the internet. The actions taken by courts in other jurisdictions have very reasonably required ISPs to block websites that are almost entirely dedicated to the theft of intellectual property. In fact, Internet regulation and blocking websites are not the only music industry target. Last week, Music Canada appeared before the Ontario Standing Committee on Finance and Economic Affairs, where it cited Google as a problem: the federal government has done a lot to help us in our battle against illegal sources, but they could certainly do more. One of the biggest problems we have is that consumers cannot find legal services on Google. Type in: "Carly Rae Jepsen"; pick your song; press “search.” You would have to look to page 7 of the results to find iTunes. Before you get there, you have six and a half pages littered with illegal sites which are constantly being taken down and constantly being put back. With government support, maybe we can urge intermediaries to actually do something to help consumers find legitimate sources, because I think they’d like to.

  • (ArsTechnica, Wednesday, January 22, 2014)

    According to leaked copies of a forthcoming report by the Privacy and Civil Liberties Oversight Board (PCLOB), the government’s metadata collection program "lacks a viable legal foundation under Section 215, implicates constitutional concerns under the First and Fourth Amendments, raises serious threats to privacy and civil liberties as a policy matter, and has shown only limited value… As a result, the board recommends that the government end the program." The metadata program, which compels at least Verizon (and likely other telcos as well) to routinely hand over all phone records to the National Security Agency, was first disclosed as the result of the leak by Edward Snowden in June 2013. Three of the five members of the board (who are all lawyers) went so far as to declare the entire program illegal. However, the Board does not have the authority to do anything beyond make recommendations to Congress and to the president.

  • (The Guardian, Tuesday, January 21, 2014)

    Google's executive chairman, Eric Schmidt, has insisted he had no knowledge of the US National Security Agency's tapping of the company's data, despite having a sufficiently high security clearance to have been told. He said that he and other members of the search company were outraged by the tapping carried out by the NSA and the UK's GCHQ – first revealed in the Guardian in June – and that they had "complained at great length" to the US government over the intrusion. Google had since begun encrypting internal traffic to prevent further spying, he said. Speaking in a private session at the Guardian, Schmidt, 58, said: "I have the necessary clearances to have been told, as do other executives in the company, but none of us were briefed. "Had we been briefed, we probably couldn't have acted on it, because we'd have known about it. I've declined briefings [from the US government] about this because I don't want to be constrained."

  • (Poynter, Tuesday, January 21, 2014)

    On Friday, a federal appeals court ruled that bloggers deserve the same protection as journalists, the Associated Press reported. Gregg Leslie of the Reporters Committee for the Freedom of the Press said the ruling affirms what many have long argued: Standards set by a 1974 U.S. Supreme Court ruling, Gertz v. Robert Welch Inc., apply to everyone, not just journalists. “It’s not a special right to the news media,” he said. “So it’s a good thing for bloggers and citizen journalists and others.” Cindy Gierhart wrote about the case for RCFP on Friday. The court noted that “a First Amendment distinction between the institutional press and other speakers is unworkable.” Quoting Citizens United, the court further noted that, with the prevalence of online commentary, the “line between the media and others who wish to comment on political and social issues becomes far more blurred.” Dan Levine wrote about the case Saturday for Reuters. Crystal Cox lost a defamation trial in 2011 over a blog post she wrote accusing a bankruptcy trustee and Obsidian Finance Group of tax fraud. A lower court judge had found that Obsidian did not have to prove that Cox acted negligently because Cox failed to submit evidence of her status as a journalist. But in the ruling, the 9th U.S. Circuit Court of Appeals in San Francisco said Cox deserved a new trial, regardless of the fact that she is not a traditional reporter.

  • (Verizon, Monday, January 20, 2014)

    In 2013, Verizon received approximately 320,000 requests for customer information from federal, state or local law enforcement in the United States. We do not release customer information unless authorized by law, such as a valid law enforcement demand or an appropriate request in an emergency involving the danger of death or serious physical injury. The table below sets out the number of subpoenas, orders, and warrants we received from law enforcement in the United States last year. We also received emergency requests and National Security Letters. The vast majority of these various types of demands relate to our consumer customers; we receive relatively few demands regarding our enterprise customers.

  • (ArsTechnica, Monday, January 20, 2014)

    According to newly declassified court orders from the Foreign Intelligence Surveillance Court (FISC), the National Security Agency was (and may still be) tipping off the FBI at least two to three times per day going back at least to 2006. Hours after President Barack Obama finished his speech last Friday on proposed intelligence and surveillance reforms, the Office of the Director of National Intelligence (ODNI) declassified a number of documents from the nation’s most secretive court. The new documents are heavily redacted orders from FISC to the FBI. These items request that the court order an entity (likely a business) to provide “tangible things” under Section 215 of the PATRIOT Act. The documents do not refer to who the target is, nor which company or organization they apply to.

  • (The Guardian, Monday, January 20, 2014)

    If civil libertarians who are disappointed with the proposals Obama outlined last week had to write a wish list for what kind of restraints they'd like to see on National Security Agency data-gathering, what might that include? Here's an educated guess: Individual Control: The right to exercise control over what personal data organizations collect from them and how they use it. Transparency: The right to easily understandable information about privacy and security practices. Focused Collection: The right to reasonable limits on the personal data that organizations collect and retain. Accountability: The right to have personal data handled by organizations with appropriate measures in place to assure they adhere to the Bill of Rights. Nevermind that the Obama administration has endorsed all of those rights. Almost two years ago, actually. What's more, they got Google, Microsoft, Yahoo and AOL to agree to observe them. The bad news: these rights apply only to web-browsing data gathered by companies that deploy "behavior-based marketing". You know, the kind of tracking that means a search for "white wedding" will serve of ads for The Knot (even if you were looking for Billy Idol).

  • (Electronic Frontier Foundation, Monday, January 20, 2014)

    When you use the Internet, you entrust your conversations, thoughts, experiences, locations, photos, and more to companies like Google, AT&T and Facebook. But what do these companies do when the government demands your private information? Do they stand with you? Do they let you know what’s going on? In this annual report, the Electronic Frontier Foundation examined the policies of major Internet companies — including ISPs, email providers, cloud storage providers, location-based services, blogging platforms, and social networking sites — to assess whether they publicly commit to standing with users when the government seeks access to user data. The purpose of this report is to incentivize companies to be transparent about how data flows to the government and encourage them to take a stand for user privacy whenever it is possible to do so. We compiled the information in this report by examining each company’s published terms of service, privacy policy, transparency report, and guidelines for law enforcement requests, if any. We also considered the company’s public record of fighting for user privacy in the courts and whether it is a member of the Digital Due Process coalition, which encourages Congress to improve outdated communications law. Finally, we contacted each company to explain our findings and gave them an opportunity to provide evidence of improved policies and practices. These categories are not the only ways that a company can stand up for users, of course, but they are important and publicly verifiable. In addition, not every company has faced a decision about whether to stand up for users in the courts, but we wanted to particularly commend those companies who have done so when given with the opportunity.

  • (IFEX, Friday, January 17, 2014)

    With Barack Obama due to announce reforms to the National Security Agency (NSA) today [17 January 2014], PEN Canada calls on Prime Minister Stephen Harper to break his ongoing silence on the topic of online surveillance conducted by the Canadian government. “Thanks to the release of information by Edward Snowden, we now know beyond a shadow of a doubt that the American government has been spying on its own citizens and those of many other countries, including those whom it considered allies,” said William Kowalski, chairman of the National Affairs Committee of PEN Canada. “This includes Canadian citizens. And we also know that the information obtained by the NSA has been shared with the Canadian authorities, and vice-versa.” The Snowden revelations confirmed the existence of an information-sharing agreement that exists between the National Security Administration of the United States and the Communications Security Establishment of Canada (CSEC). This agreement allows both governments to obtain intelligence about their own citizens from each other without warrants, therefore circumventing laws that prohibit them from spying upon their own people.

  • (MediaShift, Friday, January 17, 2014)

    Tuesday’s court decision, which struck down the Federal Communications Commission’s Open Internet Order and threatened the future of Net Neutrality, has huge implications for the future of journalism and press freedom. According to the Pew Research Center, half of all Americans now cite the Internet as their “main source for national and international news.” For young people the number is 71 percent. While we are nowhere near stopping the presses or tearing down the broadcast towers, the Internet is increasing how we distribute and consume the news today. The future of journalism is bound up in the future of the Internet.

  • (Index on Censorship , Friday, January 17, 2014)

    Earlier today, President Obama announced a series of reforms to address abuses by the National Security Agency. We were heartened to see Obama recognized that the NSA has gone too far in trampling the privacy rights of people worldwide. In his speech, the President ensured that National Security Letters would not come with perpetual gag orders, brought new levels of transparency and fairness to the FISA court, and ended bulk collection of telephone records by the NSA. However, there is still much more to be done. We’ve put together a scorecard showing how Obama’s announcements stack up against 12 common sense fixes that should be a minimum for reforming NSA surveillance. Each necessary reform was worth 1 point, and we were willing to award partial credit for steps in the right direction. On that scale, President Obama racked up 3.5 points out of a possible 12.

  • (The New Yorker, Wednesday, January 15, 2014)

    Since 1970 or so, carriers like A.T. & T. and Verizon have been barred from blocking or degrading whatever is transported over their lines. Although, at the time, the rule primarily concerned long-distance voice calls, that principle, applied to the Internet, has become known more recently as net neutrality. It offers a basic guarantee: that content providers on a network—whether it be YouTube, Wikipedia, or bloggers—can reach their users without worrying about being blocked, harassed, or forced to pay a toll by the carrier. Policing that rule in its various guises has been a core mission of the Federal Communications Commission for the past four decades—and keeping carriers away from Internet content has been among the F.C.C.’s most successful policy initiatives since its creation, in 1934. It is the Magna Carta of the Web; today, there’s not a tech firm or a blog that doesn’t owe something to the open, unblocked Internet. Yesterday, because of a faulty legal strategy used by the F.C.C., the U.S. Court of Appeals for the D.C. Circuit struck down the law enforcing this principle, leaving the Internet and the F.C.C. in uncharted territory. Without net-neutrality rules, a firm like Verizon or Comcast can do whatever it likes to content moving across its network. If it wants, it can make a blog that criticized its latest policies unreachable, or block T-Mobile’s customer support. Acting together, the Internet service providers could destroy Netflix by slowing its data to a crawl, making movies impossible to watch.

  • (Center for Democracy and Technology, Wednesday, January 15, 2014)

    On December 9, AOL, Apple, Facebook, Google, Linkedin, Microsoft, Twitter, and Yahoo! issued a call for governments around the world to reform their surveillance laws, as well as a released a set of principles to guide such reform. These principles align well in many ways with principles that civil society groups released this July applying human rights concepts to communications surveillance. While the respective principles differ in some important ways, there is enough commonality to suggest ample space for civil society and industry to move forward on a common set of norms and reforms that should inform the debate about surveillance law globally. This paper explores that commonality.

  • (The New York Times, Wednesday, January 15, 2014)

    In a discouraging ruling, a federal appeals court on Tuesday struck down regulations that prohibited phone and cable companies from charging different rates for delivering different types of content to consumers or even blocking certain content. The United States Court of Appeals for the District of Columbia Circuit ruled that the Federal Communications Commission exceeded its authority by imposing rules that barred Internet service providers like Verizon, which brought the case, from giving preferential treatment to some content over others.

  • (The New York Times, Sunday, January 12, 2014)

    For over six years, Roger Shuler has hounded figures of the state legal and political establishment on his blog, Legal Schnauzer, a hothouse of furious but often fuzzily sourced allegations of deep corruption and wide-ranging conspiracy. Some of these allegations he has tested in court, having sued his neighbor, his neighbor’s lawyer, his former employer, the Police Department, the Sheriff’s Department, the Alabama State Bar and two county circuit judges, among others. Mostly, he has lost. But even those who longed for his muzzling, and there are many, did not see it coming like this: with Mr. Shuler sitting in jail indefinitely, and now on the list of imprisoned journalists worldwide kept by the Committee to Protect Journalists. There, in the company of jailed reporters in China, Iran and Egypt, is Mr. Shuler, the only person on the list in the Western Hemisphere.

  • (Access, Friday, January 10, 2014)

    A broad coalition of activist groups, companies, and online platforms will hold a worldwide day of activism in opposition to the NSA's mass spying regime on February 11th. Dubbed "The Day We Fight Back", the day of activism was announced on the eve of the anniversary of the tragic passing of activist and technologist Aaron Swartz. The protest is both in his honor and in celebration of the victory over the Stop Online Piracy Act two years ago this month, which he helped spur. Participants including Access, Demand Progress, the Electronic Frontier Foundation, Fight for the Future, Free Press, BoingBoing, Reddit, Mozilla, ThoughtWorks, and more to come, will join potentially millions of Internet users to pressure lawmakers to end mass surveillance -- of both Americans and the citizens of the whole world. On January 11, 2013, Aaron Swartz took his own life. Aaron had a brilliant, inquisitive mind that he employed towards the ends of technology, writing, research, art, and so much more. Near the end of his life, his focus was political activism, in support of civil liberties, democracy, and economic justice.

  • (GigaOm, Thursday, January 9, 2014)

    Federal Communications Chairman Tom Wheeler says he is keeping a close eye on AT&T’s controversial Sponsored Data plan, but whether the regulatory agency will step in remains to be seen. Announced earlier this week at CES, Sponsored Data would allow content providers and app developers to pay the data charges their customers rack up while using their services. The idea is to create a toll-free mobile internet for certain types of content – namely the companies that can afford to pay for it. The implications or such a model on the internet and net neutrality will be far reaching, but even at Gigaom we’re not in agreement as to what they might be, as these two separate posts from Om Malik and Stacey Higginbotham show. At a talk at CES, Wheeler said while he isn’t rushing to his own judgment, according to a Washington Post report. “My attitude is, let’s take a look at what this is,” Wheeler said. “Let’s take a look at how it operates. … If it interferes with the operation of the Internet … if it develops into an anti-competitive practice … if it does have some kind of preferential treatment given somewhere, then that is cause for us to intervene.”

  • (Global Network Initiative, Wednesday, January 8, 2014)

    The Global Network Initiative today released a public report on the independent assessments of founding companies Google, Microsoft, and Yahoo. The assessments looked at cases of government requests implicating the rights of Internet users, and found that each company is making a good faith effort to implement GNI’s Principles on Freedom of Expression and Privacy, and to improve over time. “These independent assessments—the first of their kind—present a major step forward on human rights accountability in the technology sector,” said GNI Board Chair Jermyn Brooks. “They demonstrated in the many specific cases examined how companies, applying the GNI Principles, have in fact been able to limit the removal of content and the release of personal data as a result of government requests,” he continued.

  • (The Verge, Wednesday, January 8, 2014)

    American tech companies whose customers and networks have been compromised by the National Security Agency's sweeping surveillance efforts may have a new sympathetic ear inside Washington: the Commerce Department. "We've been talking to various constituencies within the business community, we understand their issues [with NSA spying]," said US Commerce Secretary Penny Pritzker, speaking today at CES 2014 in Las Vegas, the first Commerce Secretary to do an open Q&A at the gadget conference. Pritzker also said that her division is "part of the conversation" going on now inside the White House about reviewing the NSA's surveillance powers. "We very much have a voice at the table," Pritzker added, saying that President Obama "would make something public shortly."

  • (ArsTechnica, Thursday, January 2, 2014)

    Facebook is being sued by two users for intercepting the “content of the users’ communications,” including private messages, with the intent to “mine user data and profit from those data by sharing them with third parties—namely, advertisers, marketers, and other data aggregators.” The plaintiffs argue in a December 30 class action complaint that Facebook’s use of the word “private” in relation to its messaging system is misleading given the way the company treats the info contained within those messages. Many of the allegations in this case are based on research done in 2012 by the Wall Street Journal for a series of articles about digital privacy. Facebook is far from the first company to use private messages to mint money. Gmail continues to be dinged for creating text ads based off of the content of e-mails ten years after the ads were first introduced. (And Gmail has been sued for that, too.) Facebook goes to lengths to clearly distinguish its messaging feature as “private,” even calling it “unprecedented” in terms of the privacy controls, the filing alleges. “Facebook never intended to provide this level of confidentiality. Instead, Facebook mines any and all transmissions... in order to gather any and all morsels of information it can about its users.” Facebook’s privacy policies have been going through data aggregation creep for the last few years. The site was discovered to be handing over user data to advertisers in 2010, including names and user IDs.

  • (ArsTechnica, Thursday, January 2, 2014)

    The National Security Agency is conducting what it calls "basic research" to determine whether it's possible to build a quantum computer that would be useful for breaking encryption. The news isn't surprising—it would be surprising if the NSA wasn't researching quantum computing given the measures it's taken to undermine encryption standards used to protect Internet communications. The NSA's quantum work was described in documents leaked by Edward Snowden and published today in the Washington Post. A three-page NSA document describes a project to conduct "basic research in quantum physics and architecture/engineering studies to determine if, and how, a cryptologically useful quantum computer can be built." This is part of a $79.7 million research program called "Penetrating Hard Targets." A project goal for fiscal 2013 was to "Demonstrate dynamical decoupling and complete quantum control on two semiconductor qubits," the basic building block of a large-scale quantum computer. The NSA description of the program says the agency will "[c]ontinue research of quantum communications technology to support the development of novel Quantum Key Distribution (QKD) attacks and assess the security of new QKD system designs."

  • (Electronic Frontier Foundation, Thursday, December 26, 2013)

    There is probably no bigger story in 2013 than that the American people having learned about the secret mass spying programs of the National Security Agency (NSA). While prior to 2013 the NSA's public line was that it was forbidden from spying on Americans in America, but with the Snowden revelations (and help from a wide range of journalists and technologists that helped explain them) the NSA was forced to admit that it secretly expanded its mandate from limited surveillance of specific foreign intelligence targets to a massive "collect it all" strategy where its goal is to ensure that no communication in the world is ever truly private or secure. With this, EFF’s long running lawsuit against key parts of NSA spying came to life, we launched another, and both the U.S. and the entire world finally began discussing whether we want to live in a world of general warrants and always-on surveillance or whether we want to regain our basic privacy, rule of law, and freedom of association.

  • (Wired, Friday, December 20, 2013)

    One would think that a federal judge calling an NSA program “almost Orwellian” would be a good sign for surveillance and privacy in 2014. Especially when coupled with his observation that the founding fathers would be “aghast” at the NSA’s bulk warrantless collection of telephone metadata, and his view that it’s therefore likely unconstitutional under the Fourth Amendment…And even though the findings released by President Obama’s surveillance review panel this week were more “a set of guidelines than a set of restrictions”, the more than 40 recommendations will no doubt compel major changes to the nation’s surveillance apparatus, right? Well, hold on. None of these things necessarily signals a turning point in the debate about surveillance. If you’re holding out hope for an act of political courage to end bulk surveillance and improve transparency, such as passage of the Leahy-Sensenbrenner USA Freedom Act to curb the NSA: Abandon hope, all ye whose data is indiscriminately collected here. Instead, here are some things to expect from the government, tech companies, and investors regarding surveillance and privacy this coming year.

  • (The Atlantic, Thursday, December 19, 2013)

    There was a time in the not so distant past when hardly any Internet company wanted to release a transparency report—a report that summarized the number of law enforcement and intelligence requests that they received and responded to. What started with just Google and Twitter in 2010 and 2012, respectively, has become a steady stream of companies joining the bandwagon in the wake of Edward Snowden’s revelations. Companies that had no interest in reporting one year ago now hold out their reports in an attempt to earn back eroded customer trust. The problem is that transparency reports actually tell us very little about whether we should trust these companies. According to Google’s latest transparency report, in the first six months of 2013, they received 25,879 requests for user data, and complied with 65 percent of them. Sounds like big numbers. And they are. As Google points out in their report, the number of requests has doubled since 2010. But what does that tell us about Google? Less than you might think.

  • (MarketWatch, Thursday, December 19, 2013)

    Verizon Communications Inc. (NYSE, Nasdaq: VZ) today announced plans to publish an online report that will provide data on the number of law enforcement requests for customer information that the company received in 2013 in the United States and other countries in which it does business. Verizon expects to publish an initial report in early 2014 and to update this report semi-annually. Randal S. Milch, executive vice president, public policy, and general counsel - Verizon, said: "Verizon is committed to our customers' privacy, and we do not sell information that individually identifies our customers to third parties without our customers' consent. All companies are required to provide information to government agencies in certain circumstances, however, and this new report is intended to provide more transparency about law enforcement requests. Although we have a legal obligation to provide customer information to law enforcement in response to lawful demands, we take seriously our duty to provide such information only when authorized by law. We have released the lion's share of this data for the past two years, and we are taking this step to make this information more consistently and easily available."

  • (Open Society Foundations, Wednesday, December 18, 2013)

    A United States federal judge ruled on Monday, December 16, that a government mass data surveillance program is most likely unconstitutional under the Fourth Amendment to the U.S. Constitution, which prohibits unreasonable searches and seizures. This case, Klayman v. Obama, is the first federal court decision dealing with the National Security Agency surveillance program that became public in June 2013 after Edward Snowden disclosed classified NSA documents to the media. Describing the NSA program as “almost-Orwellian technology,” Judge Richard Leon of the U.S. district court for the District of Columbia barred the government from collecting the phone data of the plaintiffs (Larry Klayman and Charles Strange) and required the government to destroy any previously collected data. The court stayed its order pending the government’s appeal, however, which could take six months or more.

  • (Al Jazeera America, Wednesday, November 27, 2013)

    National Security Agency surveillance has gathered records of online sexual activity and evidence of visits to pornographic websites as part of a plan to exploit the “personal vulnerabilities” of Muslims who the agency says are radicalizing others through incendiary speeches, The Huffington Post reported Tuesday, citing what it said was a top-secret NSA document. The document, provided by former government contractor Edward Snowden, reportedly explained how electronic surveillance can be used to damage someone’s credibility. “Some vulnerabilities, if exposed, would likely call into question a radicalizer’s devotion to the jihadist cause, leading to the degradation or loss of his authority,” the document, which was dated Oct. 3, 2012, said, according to The Huffington Post. The report identified exploitable behaviors as including “viewing sexually explicit material online or using sexually explicit persuasive language when communicating with inexperienced young girls.” The originator of the document is listed as DIRNSA (director of the National Security Agency), the report said.

  • (Center for Democracy and Technology, Tuesday, November 26, 2013)

    The Do Not Track Kids Act (DNTK) has resurfaced, bringing the debate over minors’ online privacy back to the federal level. Sponsored by now-Senator Markey and Representatives Barton and Rush, this year’s bill is largely the same as the Markey-Barton bill of 2011. As we noted in 2011, the DNTK bill’s use of the Fair Information Practice Principles framework is a good approach to protecting the privacy of users’ information – but extending those protections only to users in a certain age bracket raises significant complications for users and operators alike. The 2013 bill also brings back the “Eraser Button” concept (though it’s now simply called “Removal of Content”). Online ‘eraser buttons,’ or the European counterpart the ‘right to be forgotten,’ inherently raise critical questions about the interaction between one user’s privacy interest in data she’s shared and another’s free expression right to quote or comment on public information. I’ll discuss the challenges raised by ‘eraser buttons’ in more detail below, but one thing is clear: Piecemeal privacy regulations – whether it’s a state-by state approach or laws that only protect certain age groups – are not going to achieve the kind of comprehensive protection for personal data that Internet users deserve. Congress should focus its attention on developing and passing a baseline consumer privacy bill that recognizes the same privacy rights for everyone and avoids drawing operators into a tangled thicket of regulations.

     

  • (The New York Times, Monday, November 25, 2013)

    The recent revelation that the National Security Agency was able to eavesdrop on the communications of Google and Yahoo users without breaking into either company’s data centers sounded like something pulled from a Robert Ludlum spy thriller. How on earth, the companies asked, did the N.S.A. get their data without their knowing about it? The most likely answer is a modern spin on a century-old eavesdropping tradition. People knowledgeable about Google and Yahoo’s infrastructure say they believe that government spies bypassed the big Internet companies and hit them at a weak spot — the fiber-optic cables that connect data centers around the world and are owned by companies like Verizon Communications, the BT Group, the Vodafone Group and Level 3 Communications. In particular, fingers have been pointed at Level 3, the world’s largest so-called Internet backbone provider, whose cables are used by Google and Yahoo.

  • (The New York Times, Monday, November 25, 2013)

    Like many Americans and people around the world, I was deeply disturbed to hear the revelations of Edward Snowden about N.S.A. surveillance, which is an affront to the United States Bill of Rights. But as a filmmaker who has made a number of documentaries about technology and online activism, I can’t say that Snowden’s revelations came as a surprise. Some concerned citizens have long understood that powerful digital technologies can be abused to carve away at civil liberties. I created this Op-Doc with excerpts from interviews that I filmed for an ongoing documentary about the programmer and online activist Aaron Swartz, who was concerned about surveillance issues long before Mr. Snowden’s disclosures. This short film addresses the most common arguments I’ve heard from people who are not concerned about online surveillance, such as: “I’m not doing anything wrong, so why should I care?” and “We need this to keep us safe.” The Internet has placed all of us firmly in a new and insecure world. Simultaneously, a perpetual “war on terror” has infused within that world a culture of fear and anxiety, along with surveillance policies that will have long-lasting implications. Now is the moment for a course correction, where civil liberties are written not just into our laws but also into our computer code.

  • (CNet, Friday, November 22, 2013)

    Following in the footsteps of other tech companies, Twitter is beefing up its security to make it harder for outsiders -- including the government -- to uncover data, the company announced Friday. Twitter has added forward secrecy, a security measure that uses temporary, individual keys to encrypt each Web session, instead of relying on a single master key. Championed by Google, forward secrecy means an outside organization can't use the same key to decrypt previous messages. 

  • (CNet, Friday, November 15, 2013)

    The NSA allegedly gathered millions of records from Google and Yahoo data centers around the world, but soon, the agency might have a much harder time trying to collect this type of data. Google, Yahoo, Microsoft, Apple, and other prominent technology companies are investing heavily in stronger, 2048-bit encryption. Due to computing power constraints, it's expected to be more than a decade before this type of encryption can be easily overcome. Google, one of the leaders in the effort, announced in May that it would switch over to 2,048-bit encryption keys by the end of 2013. Yahoo recently confirmed to Bloomberg, which spoke with several tech companies that are investing in new encryption, that it will make 2048-bit encryption standard by January 2014 for all its Mail users. Facebook also plans to move to 2048-bit encryption, a spokeswoman told Bloomberg, and will roll out "perfect forward secrecy," a feature that prevents snoopers from accessing user data even if they can access the company's security codes.

  • (Reporters Without Borders, Thursday, November 14, 2013)

    Reporters Without Borders condemns Alabama-based journalist and blogger Roger Shuler’s detention for the past three weeks without any possibility of contesting the charges of contempt of court and resisting arrest brought against him. Shuler was roughed up by police during arrest outside his home on 23 October after ignoring a restraining order that constituted prior censorship because it banned him from publishing any further stories about an alleged affair between Robert Riley Jr, a lawyer linked to the Republican Party, and lobbyist Liberty Duke. He was initially due to appear before a judge on 7 November but the hearing was postponed and is now due to be held today. “As Shuler was not served with any official order or warrant at the time of arrest, we call for his immediate release and the withdrawal of all the charges against him.” Reporters Without Borders said. “While not disputing the right to bring a defamation action, we point out that the Supreme Court has ruled that pre-publication restraining orders are tantamount to censorship and therefore unconstitutional. Shuler cannot be guilty of contempt of court because the preliminary injunction issued by a judge was illegal.”

  • (The Washington Post, Thursday, November 14, 2013)

    Google's latest transparency report is out, and with it comes news that should be shocking to no one: Federal, state and local governments keep asking for more and more data. In the second half of 2009, U.S.-based data requests numbered 3,580. By the first half of this year, that number had risen to 10,918 — a 205 percent increase. That pattern is also reflected globally, though to a lesser extent. Over the same period, international data requests on Google users roughly doubled. For the first time, Google has also offered a detailed breakdown of the kinds of requests it receives. Previous reports simply divided the requests up into subpoenas, search warrants and an amorphous category called "Other." Now, the company distinguishes among wiretaps, pen registers and disclosures made in connection with life-threatening emergencies. If you click through to the full report on U.S. requests, Google helpfully explains the legal authority behind each kind of order. In most cases, the company cites the Electronic Communications Privacy Act, a law that's currently being considered for updates in Congress.

  • (The New York TImes, Thursday, November 14, 2013)

    Technology companies routinely receive requests form American government agencies for information about their users. The requests range from local police requests to solve a robbery to federal terrorism investigations.

  • (Wired, Wednesday, November 13, 2013)

    Adding limited public accountability to the NSA’s vast electronic spying programs would actually harm the privacy of Americans, Obama administration officials told a Senate hearing today. A subcommittee of the Senate Judiciary Committee this morning debated legislation that would force the government to release statistics on how many Americans have had their data scooped into various spy programs exposed by NSA whistleblower Edward Snowden. The legislation, proposed by Sen. Al Franken (D-Minnesota), requires annual disclosure of the number of Americans whose information was collected, even if they were not the direct targets of the surveillance. The Surveillance Transparency Act would also allow internet companies like Google, Apple, Facebook, Microsoft and others to divulge the number of their users targeted under the programs. The measure comes amid fierce debate over two other legislative proposals: one to legally strengthen the NSA’s snooping authority, and the other to dramatically reduce it. Robert Litt, the general counsel for the Office of the Director of National Intelligence, and Bradford Wiegmann, deputy assistant attorney general, told the Committee on Privacy, Technology and the Law today that it would have a “privacy diminishing effect” if intelligence officials were forced to review every piece of data vacuumed up under its internet and phone surveillance programs.

  • (ArsTechnica, Wednesday, November 13, 2013)

    Speaking before a senatorial subcommittee on Wednesday, the intelligence community’s top lawyer told senators that the National Security Agency is incapable of knowing how often Americans’ data is captured inadvertently. Robert Litt, general counsel at the Office of the Director of National Intelligence, told the Senate Judiciary Subcommittee on Privacy the problem is that it would be “very resource-intensive” to figure out whether foreign targets are communicating with Americans, according to The Hill. While Americans theoretically have protection from intrusive government searches under the Fourth Amendment, foreigners certainly do not. And Litt noted that determining that "second hop" person’s nationality would “perversely require a greater invasion of that person’s privacy.” However, Sen. Al Franken (D-MN), who chairs the committee, suggested that it would be possible “through statistical sampling."

  • (Electronic Frontier Foundation, Wednesday, November 13, 2013)

    After years of secret trade negotiations over the future of intellectual property rights (and limits on those rights), the public gets a chance to looks at the results. For those of us who care about free speech and a balanced intellectual property system that encourages innovation, creativity, and access to knowledge, it’s not a pretty picture. Today Wikileaks published a complete draft of the Trans-Pacific Partnership (TPP) agreement’s chapter on “intellectual property rights.” The leaked text, from August 2013, confirms long-standing suspicions about the harm the agreement could do to users’ rights and a free and open Internet. From locking in excessive copyright term limits to further entrenching failed policies that give legal teeth to Digital Rights Management (DRM) tools, the TPP text we’ve seen today reflects a terrible but unsurprising truth: an agreement negotiated in near-total secrecy, including corporations but excluding the public, comes out as an anti-user wish list of industry-friendly policies. Despite the Obama administration’s top U.S. negotiators’ fast approaching their self-imposed 2013 deadline to complete the agreement, today’s leak is the public’s first look at the sprawling text since a February 2011 leak [pdf] of the same chapter and a July 2012 leak of an individual section. And even as the public has been completely shut out, the U.S. Trade Representative has lobbied for wider latitude to negotiate and for “fast-track authority” to bypass Congressional review.

  • (CNet, Friday, November 1, 2013)

    United States Secretary of State John Kerry has acknowledged that some of the government's surveillance activities reached too far. Answering questions about the surveillance controversy on Thursday from attendees of the Open Government Partnership conference, Kerry said that some of the actions occurred because the program was on autopilot, inferring that the Obama administration was unaware of what was going on. "The president and I have learned of some things that have been happening in many ways on an automatic pilot, because the technology is there and the ability is there," Kerry said, according to the Guardian. "In some cases, some of these actions have reached too far and we are going to try to make sure it doesn't happen in the future."

  • (CircleID, Friday, November 1, 2013)

    It is a safe assumption that if you are reading this post, you like technology. If that is the case, then you understand the tremendous economic, cultural, and human rights benefits an open, universal, and free Internet provides. That freedom is under attack. And it is our responsibilities, as stakeholders in a successful Internet, to balance governments and have an open dialog on the topic. If this issue is not talked about, people will lose faith in the openness and will look to balkanize the Internet.

  • (Electronic Frontier Foundation, Thursday, October 31, 2013)

    Sen. Dianne Feinstein, the chairman of the Senate Intelligence Committee and one of the NSA’s biggest defenders, released what she calls an NSA “reform” bill today. Don’t be fooled: the bill codifies some of the NSA’s worst practices, would be a huge setback for everyone’s privacy, and it would permanently entrench the NSA’s collection of every phone record held by U.S. telecoms. We urge members of Congress to oppose it. We learned for the first time in June that the NSA secretly twisted and re-interpreted Section 215 of the Patriot Act six years ago to allow them to vacuum up every phone record in America—continuing an unconstitutional program that began in 2001. The new leaks about this mass surveillance program four months ago have led to a sea change in how Americans view privacy, and poll after poll has shown the public wants it to stop. But instead of listening to her constituents, Sen. Feinstein put forth a bill designed to allow the NSA to monitor their calls. Sen. Feinstein wants the NSA to continue to collect the metadata of every phone call in the United States—that’s who you call, who calls you, the time and length of the conversation, and under the government’s interpretation, potentially your location—and store it for five years. This is not an NSA reform bill, it’s an NSA entrenchment bill.

  • (The New York Times, Thursday, October 31, 2013)

     Google has spent months and millions of dollars encrypting email, search queries and other information flowing among its data centers worldwide. Facebook’s chief executive said at a conference this fall that the government “blew it.” And though it has not been announced publicly, Twitter plans to set up new types of encryption to protect messages from snoops. It is all reaction to reports of how far the government has gone in spying on Internet users, sneaking around tech companies to tap into their systems without their knowledge or cooperation. What began as a public relations predicament for America’s technology companies has evolved into a moral and business crisis that threatens the foundation of their businesses, which rests on consumers and companies trusting them with their digital lives. So they are pushing back in various ways — from cosmetic tactics like publishing the numbers of government requests they receive to political ones including tense conversations with officials behind closed doors. And companies are building technical fortresses intended to make the private information in which they trade inaccessible to the government and other suspected spies.

  • (Al Jazeera America, Wednesday, October 30, 2013)

    The National Security Agency advised its officials to cite the 9/11 attacks as justification for its mass surveillance activities, according to a master list of NSA talking points. The document, obtained by Al Jazeera through a Freedom of Information Act request, contains talking points and suggested statements for NSA officials (PDF) responding to the fallout from media revelations that originated with former NSA contractor Edward Snowden. Invoking the events of 9/11 to justify the controversial NSA programs, which have caused major diplomatic fallout around the world, was the top item on the talking points that agency officials were encouraged to use. Under the subheading “Sound Bites That Resonate,” the document suggests the statement “I much prefer to be here today explaining these programs, than explaining another 9/11 event that we were not able to prevent.”

  • (The Guardian, Wednesday, October 30, 2013)

    Google and Yahoo, two of the world's biggest tech companies, reacted angrily to a report on Wednesday that the National Security Agency has secretly intercepted the main communication links that carry their users' data around the world. Citing documents obtained from former NSA contractor Edward Snowden and interviews with officials, the Washington Post claimed the agency could collect information "at will" from among hundreds of millions of user accounts. The documents suggest that the NSA, in partnership with its British counterpart GCHQ, is copying large amounts of data as it flows across fiber-optic cables that carry information between the worldwide data centers of the Silicon Valley giants. The intelligence activities of the NSA outside the US are subject to fewer legal constraints than its domestic actions.

  • (New America Foundation, Monday, October 28, 2013)

    The most encouraging contradiction in telecommunications policy today is the gap between claims of a “looming spectrum crisis” for mobile carriers and the reality that consumers rely increasingly on a relatively small amount of unlicensed spectrum to satisfy their exploding demand for streaming video, music and other applications on mobile devices. Consumer demand for bandwidth-intensive apps is outstripping the capacity of mobile carrier spectrum and infrastructure. Six short years ago, before the iPhone, virtually all mobile device traffic was routed over a carrier’s exclusively licensed spectrum and through cell towers and other carrier-provisioned infrastruc- ture. Today, less than two-thirds of smartphone data traffic—and less than 10 percent of iPad data—are traversing carrier networks. The rest is transmitted a very short distance, at low power, over unlicensed spectrum, and into a wireline network that the end user (or an employer or a wireline ISP) has already provisioned. The share of mobile device traffic offloaded over unlicensed spectrum onto residential and business wireline networks is likely to surpass two-thirds over the next several years as the cable industry and many telcos continue to knit together millions of indoor and outdoor Wi-Fi access points.

  • (ArsTechnica, Sunday, October 27, 2013)

    In recent months, I’ve started to take my own digital security much more seriously. I encrypt my e-mail when possible, I’ve moved away from Gmail, and I’ve become much more vigilant about using a VPN nearly all the time. Just as cryptographers and security researchers are auditing tools like TrueCrypt, I’ve started to kick the tires of the products that I rely upon on a daily basis. When I lived in Germany between 2010 and 2012, my wife and I paid $40 a year for a commercial VPN so we could continue to watch Hulu. But upon our return stateside, I kept paying for it anyway, for privacy-minded reasons. There are lots of VPNs out there, but the one I use is Private Internet Access (PIA). Why PIA? No particular reason, really. I don’t remember exactly how I came to choose it, but I remember seeing it in a roundup of VPNs listed on TorrentFreak. I now use PIA nearly every day, almost all the time, and that got me wondering: how does the company respond to real-world legal requests? Has it ever been compelled to hand over user data? Were those users ever notified? Unfortunately, Private Internet Access’ website doesn’t really make clear who is behind its site. The site’s footer points to London Trust Media, which also provides nothing more than an e-mail address. A little searching led me to find, and then get in touch with, the CEO of London Trust Media, Andrew Lee—one of the firm's two owners.

  • (Al Jazeera America, Saturday, October 26, 2013)

    Thousands of protesters marched Saturday on Capitol Hill in Washington to protest against the National Security Agency's spying programs. Saturday’s protest comes amid a widening scandal revealing sweeping U.S. surveillance on the communications of ordinary citizens and global leaders that has sparked outrage worldwide. German spy chiefs will travel to the U.S. next week to demand answers following allegations that the NSA has been tapping Chancellor Angela Merkel's mobile phone. The U.S. may have bugged Merkel's phone for more than 10 years, according to a report in German magainze Der Spiegel. The news report on Saturday also said that President Barack Obama told the German leader he would have stopped it happening had he known about it. The reports of bugging prompted Germany to summon the U.S. ambassador this week for the first time, an unprecedented post-war diplomatic rift.

  • (ArsTechnica, Friday, October 25, 2013)

    The Electronic Frontier Foundation, security expert Bruce Schneier, and 23 others have called on antivirus providers around the world to protect their users against malware spawned by the National Security Agency and other groups that carry out government surveillance. The move comes amid revelations that the NSA has a wide-ranging menu of software exploits at its disposal that have been used to identify users of the Tor anonymity service, track iPhone users, and monitor the communications of surveillance targets. Schneier has said that the NSA only relies on these methods when analysts have a high degree of confidence that the malware won't be noticed. That means detection by AV programs could make the difference between such attacks succeeding, failing, or being used at all. "As a manufacturer of antivirus software, your company has a vital position in providing security and maintaining the trust of internet users as they engage in sensitive activities such as electronic banking," the 25 signatories wrote in an open letter sent on Thursday to AV companies. "Consequently, there should be no doubt that your company's software provides the security needed to maintain this trust."

  • (The Guardian, Saturday, October 19, 2013)

    One of the most disturbing aspects of the public response to Edward Snowden's revelations about the scale of governmental surveillance is how little public disquiet there appears to be about it. A recent YouGov poll, for example, asked respondents whether the British security services have too many or too few powers to carry out surveillance on ordinary people. Forty-two per cent said that they thought the balance was "about right" and a further 22% thought that the security services did not have enough powers. In another question, respondents were asked whether they thought Snowden's revelations were a good or a bad thing; 43% thought they were bad and only 35% thought they were good. Writing in these pages a few weeks ago, Henry Porter expressed his own frustration at this public complacency. "Today, apparently," he wrote, "we are at ease with a system of near total intrusion that would have horrified every adult Briton 25 years ago. Back then, western spies acknowledged the importance of freedom by honouring the survivors of those networks; now, they spy on their own people. We have changed, that is obvious, and, to be honest, I wonder whether I, and others who care about privacy and freedom, have been left behind by societies that accept surveillance as a part of the sophisticated world we live in."

  • (The Washington Post, Friday, October 11, 2013)

    A jolt of pride and panic flashed through the Electronic Frontier Foundation when the first images of Edward Snowden appeared, showing a sandy-haired young man with glasses, a budding goatee and a bright red sticker on his laptop computer proclaiming, “I Support Online Rights.” The sticker was part of the membership kit for EFF, a leading opponent of government surveillance, but one used to operating beyond the spotlight. Some of its leaders feared Snow­den’s public embrace would thrust it to the middle of a blazing Washington scandal just as the government was looking for someone to blame.

  • (The Internet Governance Project, Friday, October 11, 2013)

    n Montevideo, Uruguay this week, the Directors of all the major Internet organizations – ICANN, the Internet Engineering Task Force, the Internet Architecture Board, the World Wide Web Consortium, the Internet Society, all five of the regional Internet address registries – turned their back on the US government. With striking unanimity, the organizations that actually develop and administer Internet standards and resources initiated a break with 3 decades of U.S. dominance of Internet governance. A statement released by this group called for “accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing.” That part of the statement constituted an explicit rejection of the US Commerce Department’s unilateral oversight of ICANN through the IANA contract. It also indirectly attacks the US unilateral approach to the Affirmation of Commitments, the pact between the US and ICANN which provides for periodic reviews of its activities by the GAC and other members of the ICANN community. (The Affirmation was conceived as an agreement between ICANN and the US exclusively – it would not have been difficult to allow other states to sign on as well.)

  • (IFEX, Friday, October 11, 2013)

    EFF is joining more than 30 major Canadian organizations to form the largest pro-privacy coalition in Canadian history. With the Canadian Parliament set to resume, the Protect Our Privacy Coalition has banded together to ensure Canadians get effective legal measures to protect their privacy against government intrusion. The broad-based coalition includes organizations and individuals from a wide range of political perspectives, including citizen groups, civil liberties groups, privacy advocates, right-leaning organizations, First Nations groups, labour groups, small businesses, LGBT groups, and academic experts, all of whom have signed onto this statement: More than ever, Canadians need strong, genuinely transparent, and properly enforced safeguards to secure privacy rights. We call on the [Canadian] Government to put in place effective legal measures to protect the privacy of every resident of Canada against intrusion by government entities.  

  • (ArsTechnica, Friday, October 11, 2013)

    Ladar Levison shuttered his 10-year-old secure e-mail business in August, citing cryptic threats from the government. Last week, the documents in his case were unsealed, and the public learned what the government had sought from Lavabit: the ability to monitor in real time the e-mail of a single user. After discovering that there was no way to tap into the e-mail of the individual Lavabit user they were after, federal agents demanded Lavabit's private SSL key, which would give them the ability to monitor every Lavabit user. The judge agreed and ordered Lavabit to comply, threatening $5,000-per-day fines against Levison if the company didn't. Levison supplied the private keys—and then shut down his e-mail service, destroying his 10-year-old business rather than giving the government the data it wanted. The name of the target is still under seal, but it's now widely believed to be Edward Snowden. The government became embroiled with Lavabit in May, which is when Snowden disappeared from his job at Booz Allen Hamilton and the feds started looking for him. After a certain amount of jockeying over deadlines, Lavabit's full appeal brief has now been filed, and it lays out with clarity the company's legal arguments.

  • (Committee to Protect Journalists, Thursday, October 10, 2013)

    U.S. President Barack Obama came into office pledging open government, but he has fallen short of his promise. Journalists and transparency advocates say the White House curbs routine disclosure of information and deploys its own media to evade scrutiny by the press. Aggressive prosecution of leakers of classified information and broad electronic surveillance programs deter government sources from speaking to journalists. In the Obama administration’s Washington, government officials are increasingly afraid to talk to the press. Those suspected of discussing with reporters anything that the government has classified as secret are subject to investigation, including lie-detector tests and scrutiny of their telephone and e-mail records. An “Insider Threat Program” being implemented in every government department requires all federal employees to help prevent unauthorized disclosures of information by monitoring the behavior of their colleagues. Six government employees, plus two contractors including Edward Snowden, have been subjects of felony criminal prosecutions since 2009 under the 1917 Espionage Act, accused of leaking classified information to the press—compared with a total of three such prosecutions in all previous U.S. administrations. Still more criminal investigations into leaks are under way. Reporters’ phone logs and e-mails were secretly subpoenaed and seized by the Justice Department in two of the investigations, and a Fox News reporter was accused in an affidavit for one of those subpoenas of being “an aider, abettor and/or conspirator” of an indicted leak defendant, exposing him to possible prosecution for doing his job as a journalist. In another leak case, a New York Times reporter has been ordered to testify against a defendant or go to jail.

  • (The Guardian, Thursday, October 10, 2013)

    By now, most people are aware that the NSA collects massive amounts of information on ordinary Americans. NSA Chief Keith Alexander would tell you that the government must collect the entire haystack to find the needle. But what happens to the rest of the haystack – the information about law-abiding citizens that gets swept up under ever-expanding collection authorities? The answer might surprise you. In theory, at least, some agencies are supposed to treat the hay differently from the needle. Since the Reagan era, the NSA has been required to be scrupulously careful with information involving Americans. US citizens and others in the United States may not be targeted without a warrant, and "incidentally collected" communications involving Americans may be kept or shared only under specified procedures. In practice, the picture looks quite different.

  • (ArsTechnica, Thursday, October 10, 2013)

    Privacy matters, because someday our personal data might be making choices for us. This was the argument of Kate Crawford, a principal at Microsoft Research speaking at MIT’s EmTech conference Wednesday. Currently, there is scarcely any regulation of data scraped from our social media presences and online activity, and companies’ use of that information could result in discrimination. Craig Mundie, a senior adviser to the CEO at Microsoft, said while speaking at the same conference that this misuse of personal data is so bad it ought to be classified as a felony. Websites are snatching and grabbing data any way they can nowadays, both to improve their own services and also to anonymize and sell. The trouble is that anonymization rarely works; while big data is often touted as a way to identify larder trends or arcs, it’s almost trivially easy to re-individualize and use on one person. As a result, companies are increasingly using personal identifying information collected online to shape the experience of their customers. But it’s not just for harmless personalization: big data is “being used for more and more precise forms of discrimination—a form of data redlining,” said Crawford.

  • (The New York Times, Tuesday, October 8, 2013)

    Can we ever trust the Internet again? In the wake of the disclosures about the National Security Agency’s surveillance programs, considerable attention has been focused on the agency’s collaboration with companies like Microsoft, Apple and Google, which according to leaked documents appear to have programmed “back door” encryption weaknesses into popular consumer products and services like Hotmail, iPhones and Android phones. But while such vulnerabilities are worrisome, equally important — and because of their technical nature, far less widely understood — are the weaknesses that the N.S.A. seems to have built into the very infrastructure of the Internet. The agency’s “upstream collection” capabilities, programs with names like Fairview and Blarney, monitor Internet traffic as it passes through the guts of the system: the cables and routers and switches.

  • (Center for Democracy and Technology, Friday, October 4, 2013)

    Today, a distinguished group of forty-seven of the world’s leading technologists – with extensive expertise in security, privacy, and cryptography – submitted public comments to the NSA Review Group, formally the Director of National Intelligence Review Group on Intelligence and Communications Technology. 

  • (Washington Post, Friday, October 4, 2013)

    On Nov. 1, 2007, the National Security Agency hosted a talk by Roger Dingledine, principal designer of one of the world’s leading Internet privacy tools. It was a wary encounter, akin to mutual intelligence gathering, between a spy agency and a man who built tools to ward off electronic surveillance. According to a top-secret NSA summary of the meeting, Dingledine told the assembled NSA staff that his service, called Tor, offered anonymity to people who needed it badly — to keep business secrets, protect their identities from oppressive political regimes or conduct research without revealing themselves. In the minds of NSA officials, Tor was offering protection to terrorists and other intelligence targets.

  • (The Guardian, Friday, October 4, 2013)

    Today, the Guardian is reporting on how the NSA targets Tor users, along with details of how it uses centrally placed servers on the internet to attack individual computers. This builds on a Brazilian news story from last week that, in part, shows that the NSA is impersonating Google servers to users; a German story on how the NSA is hacking into smartphones; and a Guardian story from two weeks ago on how the NSA is deliberately weakening common security algorithms, protocols, and products. The common thread among these stories is that the NSA is subverting the internet and turning it into a massive surveillance tool. The NSA's actions are making us all less safe, because its eavesdropping mission is degrading its ability to protect the US.

  • (IFEX, Friday, October 4, 2013)

    "Computers are everywhere. They are now something we put our whole bodies into—airplanes, cars—and something we put into our bodies—pacemakers, cochlear implants. They HAVE to be trustworthy." –EFF Fellow Cory Doctorow. Cory's right, of course. And that's why the recent New York Times story on the NSA's systematic effort to weaken and sabotage commercially available encryption used by individuals and businesses around the world is so important—and not just to people who care about political organizing, journalists or whistleblowers. Thanks to additional reporting, we now know it matters deeply to companies including Brazil's Petrobras and Belgium's Belgacom, who are concerned about protecting their infrastructure, negotiating strategies and trade secrets. But really, it matters to all of us.

     

  • (The Guardian, Thursday, October 3, 2013)

    The email service used by whistleblower Edward Snowden refused FBI requests to "defeat its own system," according to newly unsealed court documents. The founder of Lavabit, Ladar Levison, repeatedly pushed back against demands by the authorities to hand over the encryption keys to his system, frustrating federal investigators who were trying to track Snowden's communications, the documents show. Snowden called a press conference on 12 July at Moscow's international airport, using a Lavabit address. The court documents show the FBI was already targeting the secure email service before the invite was sent.

  • (ArsTechnica, Wednesday, October 2, 2013)

    The governor of California has signed Senate Bill 255, which will make the posting of "revenge porn" a crime. Revenge porn made headlines this year; the success of Hunter Moore's IsAnybodyUp spawned even more tasteless sites like IsAnybodyDown, founded by Craig Brittain. That site, which has been taken down, ran on an extortion-like business model. Nude pictures were posted with identifying information, without the consent of the subjects. The only way to get the photos down was to make a payment, which was apparently going to the owner of the site, Craig Brittain—although Brittain denied that to the end. In California, anyone distributing nude photos online with an "intent to harass or annoy" can now face six months in jail as well as a $1,000 fine. The bill was signed yesterday and goes into effect immediately.

  • (Mashable, Wednesday, October 2, 2013)

    If you're looking for U.S. demographic information, the website of the Census Bureau can't help you. In the wake of the U.S. federal government shutdown, the agency's website has been temporarily terminated. A notice that the Census site and its services are unavailable replaces the usual supply of facts and figures. The Census Bureau is just one of a handful of federal websites that have gone dark during the shutdown, the nation's first since 1995. As Ars Technicha reports, ten federal websites are currently inaccessible, including the sites for the Library of Congress and the Federal Trade Commission. Fortunately, however, government websites are not the sole place government information is kept. There are resources available for accessing government data while the shutdown precludes access to certain agency sites.

  • (CNN, Monday, September 30, 2013)

    Can graphic design help protect your privacy? Sang Mun, a designer and former NSA contractor, thinks so.
    Just months after Edward Snowden controversially lifted the lid on digital surveillance being conducted by the U.S. and other governments, the issue of online privacy is back in the spotlight. Earlier this month Facebook CEO Mark Zuckerberg expressed concern that users' trust in internet companies had been damaged by the revelations. Google's Eric Schmidt also called for greater transparency from the U.S. government over surveillance. Sang Mun's response was more direct -- the Korean designer has created four new fonts called ZXX that aim to disrupt the Optical Character Recognition (OCR) systems used by Google and others to analyze text.

  • (The New York Times, Saturday, September 28, 2013)

    Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials. The spy agency began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after N.S.A. officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former N.S.A. contractor. The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the United States, according to an N.S.A. memorandum from January 2011. 

  • (BBC, Thursday, September 26, 2013)

    Yahoo email addresses reassigned to a new owner are receiving personal emails intended for the previous owner. One man told news site Information Week that he had received emails with some highly sensitive information in them. In June the web firm announced Yahoo addresses and IDs would be reassigned if they had been inactive for a year. Privacy experts called on Yahoo to address the issue "immediately". Yahoo says it has taken a series of measures to overcome privacy and security fears. "Before recycling inactive accounts we attempted to reach the account owners [in] multiple ways to notify them that they needed to log in to their account or it would be subject to recycling," a Yahoo representative told the BBC.

     

  • (CNet, Thursday, September 26, 2013)

    Several US senators are trying to clamp down on the activities of the National Security Agency through a new bill.
    Unveiled in Congress on Wednesday, the Intelligence Oversight and Surveillance Reform Act aims to stop the NSA's bulk collection of the records of US citizens. Specifically, the bill wants to amend certain sections of the Foreign Intelligence Services Act (FISA), which the NSA has used to justify its data gathering. One amendment to FISA would prohibit the bulk collection of phone records, while another would prevent the bulk gathering of e-mail records. In the case of phone records, the government would still be able to get the records of anyone suspected of terrorism or anyone in contact with a suspected terrorist. The bill would also end a loophole for "back door searches," which allow the government to access the records of American citizens without a warrant. The government would only be allowed to gather records that are to or from a suspected terrorist, rather than those that are simply "about the target."

  • (Wired, Wednesday, September 25, 2013)

    Google is asking a federal appeals court to reconsider a recent ruling finding Google potentially liable for wiretapping when it secretly intercepted data on open Wi-Fi routers. The Mountain View-based company said the September 10 decision by the 9th U.S. Circuit Court of Appeals will create “confusion” (.pdf) about which over-the-air signals are protected by the Wiretap Act, including broadcast television. The case concerns nearly a dozen combined lawsuits seeking damages from Google for eavesdropping on open Wi-Fi networks from its Street View mapping cars. The vehicles, which rolled through neighborhoods around the world, were equipped with Wi-Fi–sniffing hardware to record the names and MAC addresses of routers to improve Google location-specific services. But the cars also gathered snippets of content.

  • (CNet, Monday, September 23, 2013)

    Teenagers in California worried that their online posts might jeopardize their future opportunities have gained a measure of recourse in the form of an online "eraser button." Legislation signed Monday by Gov. Jerry Brown will require Web sites, apps, and online services geared toward minors to offer, by 2015, the option of removing information posted by minors should they request it. The motivation behind the law to prevent young adults from being haunted by youthful indiscretions. "Children and teens often self-reveal before they self-reflect and may post sensitive personal information about themselves -- and about others -- without realizing the consequences," James Steyer, founder of nonprofit group Common Sense Media, wrote in a letter to Brown advocating for the law.

  • (Center for Democracy and Technology, Monday, September 23, 2013)

    It’s been nearly two years since the sudden demise of the Stop Online Privacy Act (SOPA) stunned Members of Congress and other power brokers across the Washington DC establishment. CDT President Leslie Harris offered some early thoughts on the meaning of SOPA’s resounding defeat, and now two recent books are taking a fuller look at how the battle over SOPA played out. The books, Hacking Politics: How Geeks, Progressives, The Tea Party, Gamers, Anarchists and Suits Teamed up to Defeat SOPA and Save the Internet and The Fight for the Future: How People Defeated Hollywood and Saved the Internet--For Now, are available online, and offer perspectives on the genuinely profound way several usually apolitical communities united to stop a dangerous piece of legislation. CDT was very much at the heart of the battles against SOPA and its companion, the Protect IP ACT (PIPA), and contributed a chapter to Hacking Politics.

  • (The New York Times, Saturday, September 21, 2013)

    Four LinkedIn users have filed a lawsuit accusing the business-oriented social network of accessing their e-mail accounts without permission, harvesting the addresses of their contacts and spamming those people with repeated invitations to join the service. In their most explosive claim, the plaintiffs say that LinkedIn is “breaking into” external e-mail accounts, like Gmail or Yahoo Mail, by pretending to be the account owner, although the legal complaint offers no details about that assertion. Larry Russ, a lawyer for the plaintiffs, declined to comment beyond the suit.

  • (Poynter, Friday, September 20, 2013)

    Patch reporter Joseph Hosey must give up the source of police reports about a grisly murder he covered or face jail, Will County Circuit Court Judge Gerald Kinney ruled Friday. SouthtownStar/Sun-Times reporter Casey Toner reported on Twitter that one of the attorneys pressing for this ruling told the court “he didn’t think ‘any legitimate journalist should fear the outcome of this.’” Hosey has 180 days to give up his source, Kinney said. He’ll be fined $300 per day as well. The report had ghastly details like two of the accused murderers purportedly confessing to having sex on top of the bodies of their victims.

  • (The Guardian, Friday, September 20, 2013)

    "Properly implemented strong crypto systems are one of the few things that you can rely on," declared Edward Snowden, the former computer technician at America's National Security Agency (NSA) responsible for leaking a trove of documents about his erstwhile employer's activities, in an online question-and-answer session in June. The revelations published on 5 September by the Guardian, the New York Times and ProPublica, explain his careful choice of words. Many cryptographic systems in use on the internet, it seems, are not "properly implemented", but have been weakened by flaws deliberately introduced by the NSA as part of a decade-long programme to ensure it can read encrypted traffic.

  • (The Guardian, Friday, September 20, 2013)

    Most of us have moved beyond the tired debates about whether interactions online are the same as ones in person. Now the legal system is finally catching up on what constitutes free speech in the digital age. Facebook's "Like" button got some key support as an expression of speech when an appellate court overturned a perverse lower court ruling that had ruled clicking a button wasn't the same as saying something out loud. The case involved employees in a Virginia sheriff's department who were making clear their support for their boss' challenger by "liking" some of the other candidate's Facebook posts. The sheriff fired them. They sued for reinstatement. A lower court had thrown out their case, saying that clicking a button wasn't an "actual statement". They appealed, and for now they seem to be prevailing. It's a good thing, because this case had created plenty of consternation in legal and free-speech circles.

  • (ArsTechnica, Sunday, September 15, 2013)

    Recent leaks about the NSA's Internet spy programs have sparked renewed interest in government surveillance, though the leaks touch largely on a single form of such surveillance—the covert one. But so-called "open source intelligence" (OSINT) is also big business— and not just at the national/international level. New tools now mine everything from "the deep Web" to Facebook posts to tweets so that cops and corporations can see what locals are saying. Due to the sheer scale of social media posts, many tools don't even aim at providing a complete picture. Others do.
     

  • (Electronic Frontier Foundation, Thursday, September 12, 2013)

    Acxiom, a data broker that collects 1,500 data points per person on over 700 million consumers total and sells analysis of such information, is trying to ward off federal privacy regulations by flaunting transparency—a diluted term, in this case—around user data. The company just launched AboutTheData.com, a site that will let users see and edit some information that Acxiom has about them—only "some," since Acxiom's analytics reveal far more information about you (living habits and personal preferences) that isn't readily available to you, but is sold to partner companies.
     

  • (The New York Times, Tuesday, September 10, 2013)

    The federal agency charged with recommending cybersecurity standards said Tuesday that it would reopen the public vetting process for an encryption standard, after reports that the National Security Agency had written the standard and could break it. “We want to assure the I.T. cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place,” The National Institute of Standards and Technology said in a public statement. “N.I.S.T. would not deliberately weaken a cryptographic standard.”
     

  • (CNet, Monday, September 9, 2013)

    Three prominent online companies filed a petition with the US Foreign Intelligence Surveillance Court in an attempt to improve transparency with users. Google, Facebook, and Yahoo on Monday announced the petition which requests that the US government allow the companies to publish, in detail, the types of national security requests they have received under the controversial Foreign Intelligence Surveillance Act. Google has also requested that the court hold the hearing publicly and not in private.

  • (Al Jazeera America, Monday, September 9, 2013)

    A potential landmark case for U.S. regulation of Internet traffic goes before a panel of federal judges on Monday, testing whether the Federal Communications Commission (FCC) has authority to enforce so-called net neutrality rules. Net neutrality is the principle that Internet users should be able to access any Web content and use any applications they choose, without restrictions or varying charges imposed by Internet service providers or the government. Oral arguments in the case pit Verizon Communications against the FCC, with the biggest U.S. wireless provider challenging the commission's order that guides how Internet service providers manage their networks.
     

  • (Center for Democracy & Technology, Friday, September 6, 2013)

    Amid this summer’s ongoing revelations of widespread government surveillance, another Internet policy issue with Constitutional implications is bubbling back up to the surface. On Monday, the DC Circuit Court of Appeals will at last hear oral argument in Verizon’s 2011 challenge to the FCC’s 2010 Open Internet Rules. Yes, Internet Neutrality is coming back onto DC’s radar. And while the particular arguments we will hear on Monday may well focus on seemingly arcane legal questions about the FCC’s statutory mandate, this case carries major implications for the future of communications in the United States. There are three big picture points that stand out.
     

  • (Pew Internet & American Life Project, Thursday, September 5, 2013)

    This survey by the Pew Research Center’s Internet Project was underwritten by Carnegie Mellon University. The findings in this report are based on data from telephone interviews conducted by Princeton Survey Research Associates International from July 11-14, among a sample of 1,002 adults ages 18 and older.  Telephone interviews were conducted in English by landline and cell phone. For results based on the total sample, one can say with 95% confidence that the error attributable to sampling is plus or minus 3.4 percentage points and for the results from 792 internet and smartphone users in the sample, the margin of error is 3.8 percentage points.  More information is available in the Methods section at the end of this report.

  • (Intellectual Property Watch, Thursday, September 5, 2013)

    The United States State Department has made a one-time contribution of US$350,000 to the perennially cash-strapped Internet Governance Forum, a multi-stakeholder discussion forum established by the 2003-2005 World Summit on the Information Society (WSIS). “As part of the United States efforts to ensure a continued open, interoperable, and secure Internet through global, multistakeholder participation, the State Department’s Bureau of International Organization Affairs is providing $350,000 as a one-time contribution for the Internet Governance Forum (IGF) from its 2012 International Organizations and Programs (IO&P) budget,” it said in a press release. “This funding goes to the trust fund for the IGF Secretariat based in Geneva for its operational expenses.”
     

  • (The Guardian, Thursday, September 5, 2013)

    Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.
     

  • (Wired, Thursday, September 5, 2013)

    Edward Snowden’s revelations about the NSA’s mass internet surveillance is driving development of a slew of new email tools aimed at providing end-to-end encryption to users, and it has boosted interest in existing privacy tools too. The latest entry in the crypto mail field is Scramble, encrypted webmail software coded by recent Stanford University computer science graduate Daniel Posch. Though it’s incomplete and untested — don’t use it to thwart the NSA — Scramble tries to provide the same type of security as encryption clients like GPG, but with the convenience of webmail.
     

  • (WikiLeaks, Wednesday, September 4, 2013)

    Today, Wednesday 4 September 2013 at 1600 UTC, WikiLeaks released 'Spy Files #3' – 249 documents from 92 global intelligence contractors. These documents reveal how, as the intelligence world has privatised, US, EU and developing world intelligence agencies have rushed into spending millions on next-generation mass surveillance technology to target communities, groups and whole populations. 

  • (Idea Lab, Wednesday, September 4, 2013)

    New technology tools, combined with raised expectations among voters and stakeholders for government transparency, have sparked a movement toward “open government.” Championed by advocacy organizations and a few high-profile elected officials, the trend seeks to promote greater accountability and responsiveness for the systems of representative democracy. An area of particular opportunity — as well as potential concern — is the growing cache of large datasets of public information now available on the Internet. Government entities from cities to nations are making data not only public but accessible. Earlier, such data was often buried in City Hall filing cabinets, provided only after Freedom of Information Act requests, or published electronically but in cumbersome formats. Machine-readable formats allow new applications, analysis and visualizations to be developed by anyone with basic skills and an Internet connection. Datasets from many corners of government are coming online: public health and demographic information, business licenses and property ownership, campaign contributions and expenditures, crime reports, school test scores, and much more.
     

  • (Electronic Frontier Foundation, Wednesday, September 4, 2013)

    This year marks the 10-year anniversary of the enforcement of the Children’s Internet Protection Act (CIPA), which brought new levels of Internet censorship to libraries across the country. CIPA was signed into law in 2000 and found constitutional by the Supreme Court in 2003. The law is supposed to encourage public libraries and schools to filter child pornography and obscene or “harmful to minors” images from the library’s Internet connection in exchange for continued federal funding. Unfortunately, as Deborah Caldwell-Stone explains in Filtering and the First Amendment, aggressive interpretations of this law have resulted in extensive and unnecessary censorship in libraries, often because libraries go beyond the legal requirements of CIPA when implementing content filters. As a result, students and library patrons across the country are routinely and unnecessarily blocked from accessing constitutionally protected websites.
     

  • (Wired, Wednesday, September 4, 2013)

    The NSA runs a massive, full-time hacking operation targeting foreign systems, the latest leaks from Edward Snowden show. But unlike conventional cybercriminals, the agency is less interested in hacking PCs and Macs. Instead, America’s spooks have their eyes on the internet routers and switches that form the basic infrastructure of the net, and are largely overlooked as security vulnerabilities Under a $652-million program codenamed “Genie,” U.S. intel agencies have hacked into foreign computers and networks to monitor communications crossing them and to establish control over them, according to a secret black budget document leaked to the Washington Post. U.S. intelligence agencies conducted 231 offensive cyber operations in 2011 to penetrate the computer networks of targets abroad.
     

  • (Committee to Protect Journalists, Tuesday, September 3, 2013)

    Tomorrow, a federal judge will weigh a prosecutor's motion for a gag order in connection with the U.S. government's prosecution of journalist Barrett Brown. The motion represents a troubling turn in an already-troubling case for press freedom--a case that could criminalize the routine journalistic practice of linking to documents publicly available on the Internet, which would seem to be protected by the First Amendment to the U.S. Constitution under current doctrine.
     

  • (Cnet, Friday, August 30, 2013)

    Stonewalling by the Department of Justice has led Google and Microsoft to decide to file a lawsuit so that they can publicly discuss Foreign Intelligence Surveillance Court-approved surveillance orders. Microsoft general counsel Brad Smith announced Friday that the company, in collaboration with Google, would sue the government despite its statement on Thursday that it would publish some surveillance request information annually. Google and Microsoft are requesting the ability to publish "aggregate information" about FISA court orders directed at the companies in the hopes of being more transparent to their customers, the companies have said.

  • (ARS Technica, Friday, August 30, 2013)

    The federal government is pouring almost $11 billion per year into a 35,000-employee program dedicated to "groundbreaking" methods to decode encrypted messages such as e-mails, according to an intelligence black budget published by The Washington Post. The 17-page document, leaked to the paper by former National Security Agency (NSA) contractor Edward Snowden, gives an unprecedented breakdown of the massive amount of tax-payer dollars—which reached $52 billion in fiscal 2013—that the government pours into surveillance and other intelligence-gathering programs. It also details the changing priorities of the government's most elite spy agencies. Not surprisingly, in a world that's increasingly driven by networks and electronics, they are spending less on the collection of some hard-copy media and satellite operations while increasing resources for sophisticated signals intelligence, a field of electronic spying feds frequently refer to as "SIGINT."

  • (Access, Friday, August 30, 2013)

    This post originally suggested that the Department of Justice's filing in response to motions by Google and Microsoft would be release Friday, but it has yet to be posted to the Foreign Intelligence Surveillance Court's public website. However, the Court has granted the companies a 10 day extension to modify their original arguments. Coming on the heels of an announcement yesterday that the US Office of the Director of National Intelligence will start releasing a transparency report of national security-related requests for user data, the US government disappointingly will be filing a motion to block Google and Microsoft from voluntarily disclosing similar statistics in the company’s own transparency reports.

     

  • (Technet Blogs, Friday, August 30, 2013)

    To followers of technology issues, there are many days when Microsoft and Google stand apart. But today our two companies stand together. We both remain concerned with the Government’s continued unwillingness to permit us to publish sufficient data relating to Foreign Intelligence Surveillance Act (FISA) orders. Each of our companies filed suit in June to address this issue. We believe we have a clear right under the U.S. Constitution to share more information with the public. The purpose of our litigation is to uphold this right so that we can disclose additional data.  

  • (Center for Democracy and Technology, Friday, August 30, 2013)

    Just one day after announcing the release of new data about how many surveillance demands it issues, it has become clear that the Obama Administration is taking steps to prevent Microsoft and Google from issuing their own transparency reports about national security surveillance. CDT appreciates any new information from the government about the extent of the NSA's surveillance activities, but is extremely disappointed by the Administration's continued opposition to meaningful transparency reporting by U.S. Internet companies.

  • (IFEX, Wednesday, August 28, 2013)

    Following the suicide of Halifax teenager Rehtaeh Parsons in April 2013 and the child pornography charges brought against two suspects who allegedly assaulted her in November 2011, cyber-bullying has become the focus of a national debate in Canada. Nova Scotia's Cyber-Safety Act was drafted with the laudable goal of preventing similar tragedies, but it raises difficult questions about the extent to which free expression can be monitored by well-intentioned legislators. Marq de Villiers considers the possible implications of the new law and the ways it could be used to undermine freedom of expression. 

  • (ARS Technica, Tuesday, August 27, 2013)

    Like other companies such as Twitter, Google, and Microsoft, Facebook is now giving us a peek at the number of data requests it gets from governments around the world. In the company’s first-ever Global Government Requests Report, Facebook revealed that the United States leads the world by far in both the number of "total requests" and "users or accounts requested" between January 1, 2013 and June 30, 2013. American authorities—presumably ranging across local, state, and federal levels—requested information on “20,000 to 21,000” individual accounts. Facebook handed over “some data” in 79 percent of those cases. Curiously, the US is the only country where Facebook expresses this data as a range rather than as a specific number.

  • (Pew Internet, Monday, August 26, 2013)

    Some 70% of American adults ages 18 and older have a high-speed broadband connection at home as of May 2013, according to a nationally representative survey by the Pew Research Center’s Internet & American Life Project. The survey also found that 3% of American adults go online at home via dial-up connections. As found in previous research, groups with the highest rates of home broadband adoption continue to be college graduates, adults under age 50, and adults living in households earning at least $50,000, as well as whites and adults living in urban or suburban areas.

  • (Cnet, Monday, August 26, 2013)

    Google's name might be household fare for the rest of us, but in at least one national security court case, it is still subject to redaction -- as long as the government remembers to obfuscate all instances of the company's name. The Wall Street Journal reported that a Department of Justice court filing on August 23 in the US District Court for the Southern District of New York didn't redact Google's name in one instance from the document [PDF], finally confirming what many had suspected: that Google was the unnamed company fighting the government's use of National Security Letters to gain access to company-owned data.
    Google is one of the few companies thought to have contested such requests. Electronic Frontier Foundation attorney Matt Zimmerman told Bloomberg in April that the US government has issued more than 300,000 such letters since 2000, which have been contested only by four or five recipients.

  • (The New York Times, Thursday, August 22, 2013)

    Your otherwise excellent article about the digital divide (“Most of U.S. Is Wired, but Millions Aren’t Plugged In,” Business Day, Aug. 19) missed an opportunity to discuss the significant digital divide between people with disabilities and those not (yet) disabled. The Commerce Department report on which your article was based recognized the impact of disability. It found that Internet use among those with a disability is only 48 percent compared with 76 percent for those with no disability. In every metric used in the report, people with disabilities lagged behind. Your reporters rightly covered the digital divide based on race, age, education, class and geography. Disability deserved to be covered as well.

  • (Electronic Frontier Foundation, Thursday, August 22, 2013)

    In a big win for gay gamers around the world, a blogger has surrendered his bogus trademark claim on the word 'gaymer,' freeing online forums, conventions, and others to use the descriptive term without fear of legal threats and interference. The Electronic Frontier Foundation (EFF) and the law firm Perkins Coie represented a group of Reddit gaymers – members of the lesbian, gay, bisexual, and transgendered community who have an active interest in videogames – after their long-running Reddit forum called r/gaymers was the target of a cease-and-desist letter complaining about their use of the term. It turns out blogger Chris Vizzini, who started a website called gaymer.org in 2006, had registered a trademark on 'gaymer' even though it had been in widespread use long before Vizzini started his website. With the help of EFF and Perkins Coie, the Reddit gamers asked the U.S. Patent and Trademark Office (USPTO) to cancel the trademark in January of this year. Vizzini ultimately decided to surrender the mark, which was officially revoked this week.

  • (Index on Censorship, Thursday, August 22, 2013)

    Freedom of expression is generally protected in the US, but political, legal, economic and cultural factors continue to constrain this fundamental right. The First Amendment of the US Constitution prohibits laws that abridge free speech, academic freedoms and the right to assemble are generally protected, and violence against journalists is rare. National security is used excessively to justify free speech and privacy restrictions. Revelations over the National Security Agency’s “Prism” programme, which it is claimed gives the US government powers of mass surveillance over web communications, have caused huge concern over the authorities’ attitudes to free speech and privacy.

  • (Electronic Frontier Foundation, Wednesday, August 21, 2013)

    In response to EFF's Freedom of Information Act request, the government released today the 2011 FISA Court opinion (redacted) that found part of the National Security Agency's "upstream collection" to be illegal and unconstitutional. Upstream collection is when the NSA gets a copy of Internet traffic as it flows through major telecommunications hubs, and searches through for "selectors," like an email address or a keyword. In a press conference call on the newly declassified court opinion, the Office of the Director of National Intelligence (ODNI) revealed new information about the way the NSA treated what it calls "multi-communication transactions." Such MCTs were at the heart of the illegal collection that went on from 2008 to 2011, resulting in wholesale collection of tens of thousands of domestic communications without a warrant. But what, exactly, is an MCT?

  • (CNet, Wednesday, August 21, 2013)

    Tumblr has a new blogger within its sphere: The U.S. Intelligence Community. That's right, the umbrella organization that oversees government intelligence agencies, like the National Security Agency, the CIA, and FBI, has started to blog. Director of National Intelligence James Clapper penned a post on Wednesday making the announcement. "The goal of IC ON THE RECORD is to provide the public with direct access to factual information related to the lawful foreign surveillance activities carried out by the Intelligence Community," Clapper wrote. "In addition to comprehensive explanations of the authorities under which the Intelligence Community conducts foreign surveillance, the site will address methods of collection, use of collected data, and oversight and compliance."

  • (The New York Times, Wednesday, August 21, 2013)

    A federal judge sharply rebuked the National Security Agency in 2011 for repeatedly misleading the court that oversees its surveillance on domestic soil, including a program that is collecting tens of thousands of domestic e-mails and other Internet communications of Americans each year, according to a secret ruling made public on Wednesday. The 85-page ruling by Judge John D. Bates, then serving as chief judge on the Foreign Intelligence Surveillance Court, involved an N.S.A. program that systematically searches the contents of Americans’ international Internet communications, without a warrant, in a hunt for discussions about foreigners who have been targeted for surveillance.

  • (Access, Wednesday, August 21, 2013)

    Over the last few weeks, nearly every day has brought with it a new disclosure in the NSA surveillance scandal: a new target uncovered or a new foreign government intelligence agency found to be complicit. Yet, with limited public outcry in the United States, one can’t help but wonder if -- and why -- citizens of other Western democracies may be more offended over this spying than Americans themselves. The difference between privacy expectations in the United State and the European Union has long been known. In Europe, both privacy and data protection are understood to be fundamental human rights, codified under the Charter of Fundamental Rights of the European Union. In the United States, privacy is regarded more as a negative right, relying on a patchwork of laws limiting the ways in which the government can engage in surveillance (e.g., the Electronic Communications Privacy Act or the Foreign Intelligence Surveillance Act) and private sector obligations (e.g., data breach notification), instead of a comprehensive and enforceable framework, as in Europe (under the 1995 Directive).

  • (Center for Democracy and Technology, Wednesday, August 21, 2013)

    The Center for Democracy & Technology has issued the following statement in response to the latest confirmation, as reported this morning by the Wall Street Journal, that the National Security Agency has wiretapping stations installed at key Internet exchange points throughout the country whereby it has access to most of America's Internet traffic. The Wall Street Journal's story follows a recent New York Times report that the NSA is conducting keyword searches of masses of international Internet traffic based on its access to key Internet switches.

  • (The Guardian, Tuesday, August 20, 2013)

    The award-winning legal analysis site Groklaw is shutting because its founder says that "there is no way" to continue to run it without using secure email - and that the threat of NSA spying means that could be compromised. "There is now no shield from forced exposure," writes the site's founder, Pamela Jones, an American paralegal who has run the site from its start in 2003, in a farewell message on the site. Jones cites the revelations that the US National Security Agency (NSA) can capture any email, and can store encrypted email for up to five years, as having prompted her decision to shutter the site: "the simple truth is, no matter how good the motives might be for collecting and screening everything we say to one another, and no matter how "clean" we all are ourselves from the standpont of the screeners, I don't know how to function in such an atmosphere. I don't know how to do Groklaw like this," she writes.

  • (ArsTechnica, Monday, August 19, 2013)

    Changing your IP address or using proxy servers to access public websites you've been forbidden to visit is a violation of the Computer Fraud and Abuse Act (CFAA), a judge ruled Friday in a case involving Craigslist and 3taps. The legal issue is similar to one in the Aaron Swartz case, in which there was debate over whether Swartz "had committed an unauthorized access under the CFAA when he changed his IP address to circumvent IP address blocking imposed by system administrators trying to keep Swartz off the network," law professor Orin Kerr wrote yesterday on the Volokh Conspiracy blog. The ruling in Craigslist v. 3taps (PDF) is the first "directly addressing the issue," Kerr wrote. 3taps drew Craigslist's ire by aggregating and republishing its ads, so Craigslist sent a cease-and-desist letter telling the company not to do that. Craigslist also blocked IP addresses associated with 3taps' systems.

  • (The New York Times, Sunday, August 18, 2013)

    The Obama administration has poured billions of dollars into expanding the reach of the Internet, and nearly 98 percent of American homes now have access to some form of high-speed broadband. But tens of millions of people are still on the sidelines of the digital revolution. “The job I’m trying to get now requires me to know how to operate a computer,” said Elmer Griffin, 70, a retired truck driver from Bessemer, Ala., who was recently rejected for a job at an auto-parts store because he was unable to use the computer to check the inventory. “I wish I knew how, I really do. People don’t even want to talk to you if you don’t know how to use the Internet.”

     

  • (Index on Censorship, Friday, August 16, 2013)

    Despite having a generally positive free expression record, Canada has, in recent years, taken some regressive steps, driven by court decisions that weakened confidentiality for journalists’ sources, obstructions to reporting during Quebec’s student protests and the introduction of a bill, which was later withdrawn, but would have allowed the government to monitor Canadians in real-time without the need for a warrant. Conservative Prime Minister Steven Harper’s government has been criticised by activists for its tightening of access to information and slow response time to requests. Harper is accused of banning government-funded scientists from speaking to reporters about climate research. The country’s 30-year-old Access to Information Act (ATIA) is also highlighted as an obstacle.

  • (Berkman Center for Internet & Society, Thursday, August 15, 2013)

    Many teens ages 12-17 report that they usually figure out how to manage content sharing and privacy settings on their own. Focus group interviews with teens suggest that for their day-to-day privacy management, teens are guided through their choices in the app or platform when they sign up, or find answers through their own searching and use of their preferred platform. At the same time, though, a nationally representative survey of teen internet users shows that, at some point, 70% of them have sought advice from someone else about how to manage their privacy online. When they do seek outside help, teens most often turn to friends, parents or other close family members.

  • (Electronic Frontier Foundation, Thursday, August 15, 2013)

    With each recent revelation about the NSA's spying programs government officials have tried to reassure the American people that all three branches of government—the Executive branch, the Judiciary branch, and the Congress—knowingly approved these programs and exercised rigorous oversight over them. President Obama recited this talking point just last week, saying: "as President, I've taken steps to make sure they have strong oversight by all three branches of government and clear safeguards to prevent abuse and protect the rights of the American people." With these three pillars of oversight in place, the argument goes, how could the activities possibly be illegal or invasive of our privacy?

  • (Center for Democracy & Technology, Thursday, August 15, 2013)

    On August 9, President Obama, among other things, pledged to create an independent group of high level, outside experts to review intelligence and communications technologies, and to consider how to maintain public trust, while protecting against abusive use of those technologies. The President also said the expert group would examine how intelligence surveillance impacts our foreign policy given that more and more information about that surveillance is becoming public. He said the group would issue a report by the end of the year on how surveillance programs impact security, privacy and foreign policy.

  • (Electronic Frontier Foundation, Thursday, August 15, 2013)

    Fast track authority, also known as trade promotion authority, empowers the White House to unilaterally negotiate and sign trade agreements. It not only hinders Congress from exercising its constitutionally mandated power to oversee and amend trade deals, it could impact their sovereign power to make and reform copyright and Internet policy domestically. Fast track places a time-limit on Congressional debates on trade treaties, prevents Congress from proposing amendments, and reduces Congress to an up-or-down, yes or no vote on the entire treaty. That means that radical changes to digital policies are controlled almost entirely by the executive. They are proposed by the US Trade Representative, negotiated by his office in secret, and then buried in large bills with other major economic provisions that Congress is unlikely to reject. Policies passed in such treaty bills can then only be repealed if the treaty itself is renegotiated. It strips Congress of almost all of its oversight power.

  • (ArsTechnica, Wednesday, August 14, 2013)

    This morning, citizens trying to reach US government websites got a bit of a surprise—the entirety of the .gov top level domain appeared to be offline. The reason: a hiccup in the Domain Name Service Security Extension (DNSSEC) information being distributed by .gov's registry. According to a source at the General Services Administration, which operates the .gov registry, the registry team discovered that the DNSSEC information being distributed by its root domain name server had somehow become corrupted. The corruption affected the root domain's digital signature, making it appear not to be the authoritative server for the government's Internet names. As DNS data aged and expired, government sites disappeared from the Internet's directory and became unreachable by their host names (though the servers remained up).

  • (The Guardian, Tuesday, August 13, 2013)

    Fear not, says the NSA, we "touch" only 1.6% of daily internet traffic. If, as they say, the net carries 1,826 petabytes of information per day, then the NSA "touches" about 29 petabytes a day. They don't say what "touch" means. Ingest? Store? Analyze? For context, Google in 2010 said it had indexed only 0.004% of the data on the net. So, by inference from the percentages, does that mean that the NSA is equal to 400 Googles?

  • (The New York Times, Monday, August 12, 2013)

    Ladar Levison was not yet 20 years old when Congress passed the Patriot Act after the Sept. 11 terror attacks. It gave him a start-up idea: an e-mail service for what he thought of as “a tech-savvy crowd” that cared about privacy. “I’ve always sort of believed it’s important for Americans to have private conversations with other Americans,” Mr. Levison said in a telephone interview Monday, “and not fear that their conversations were being monitored by the government.”

  • (The Guardian, Sunday, August 11, 2013)

    Another burst of sunlight permeated the National Security Agency's black box of domestic surveillance last week. According to the New York Times, the NSA is searching the content of virtually every email that comes into or goes out of the United States without a warrant. To accomplish this astonishing invasion of Americans' privacy, the NSA reportedly is making a copy of nearly every international email. It then searches that cloned data, keeping all of the emails containing certain keywords and deleting the rest – all in a matter of seconds.

  • (Wired, Friday, August 9, 2013)

    Forced by recent leaks to respond to criticism that the government is exploiting legal loopholes to conduct widespread surveillance of U.S. citizens, President Barack Obama publicly acknowledged today that the government needs to be more transparent about its surveillance activities. Obama promised a broad review of the programs to determine what changes Congress needs to make to the Patriot Act to protect privacy and civil liberties. Obama said that while he is confident the government is not currently abusing its legal powers with the surveillance programs, “given the history of abuse by government, it’s right to ask questions about surveillance, particularly as technology is reshaping every aspect of our lives.”

  • (ArsTechnica, Friday, August 9, 2013)

    The Federal Communications Commission (FCC) has changed its rules to allow higher-power outdoor operations on the 57-64 GHz band, enabling wireless transmissions "over distances up to a mile at data rates of 7Gbps," the agency said. This is the same swath of spectrum used by Wireless Gigabit technology, which allows fast streaming between devices in living rooms and offices. Transmissions at this frequency are easily blocked by walls and objects. However, the FCC said the transmissions will still be useful outdoors in line-of-sight applications. Unlike a home network, the 7Gbps of bandwidth would be shared among many users.

  • (New York Times, Thursday, August 8, 2013)

    The National Security Agency is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials.The N.S.A. is not just intercepting the communications of Americans who are in direct contact with foreigners targeted overseas, a practice that government officials have openly acknowledged.

  • (New York Times, Thursday, August 8, 2013)

    The shutdown of two small e-mail providers on Thursday illustrates why it is so hard for Internet companies to challenge secret government surveillance: to protect their customers’ data from federal authorities, the two companies essentially committed suicide. Lavabit, a Texas-based service that was reportedly used by Edward J. Snowden, the leaker who had worked as a National Security Agency contractor, announced the suspension of its service Thursday afternoon. In a blog post, the company’s owner, Ladar Levison, suggested — though did not say explicitly — that he had received a secret search order, and was choosing to shut the service to avoid being “complicit in crimes against the American people.”

  • (CircleID, Wednesday, August 7, 2013)

    Something bad happens online. I can tie that something-bad back to an IP address. Do I know who did the bad thing? According to the Federal District Court in Arizona, I don't. An IP address may identify the owner of an Internet access account; it does not identify who was online at that particular time and who may be responsible for the actions in question. In Breaking Glass Pictures v Does, DAZ 2013, Plaintiff brought a claim for copyright infringement, wants early discovery, but the court is refusing. Plaintiff wants an ISP to identify the owners of accounts that are matched to certain IP addresses, so that Plaintiff can then go sue those defendants in place of the "Does."

  • (The Guardian, Wednesday, August 7, 2013)

    The National Security Agency's surveillance of innocent Americans without a warrant is illegal and unconstitutional. In a narrowly defeated amendment, congressman Justin Amash (a Michigan Republican) and a bipartisan group of over 200 members of Congress recently voted to defund the NSA's warrantless spying on US citizens. But obscured by the debate over domestic spying is the fact that virtually no one in the United States is questioning the NSA's total surveillance of the rest of the world. Foreign surveillance programs, unlike domestic ones, are clearly legal and constitutional, but that doesn't make them good policy. After all, most of the nearly seven billion non-Americans in the world are just as innocent as most Americans. They resent US government surveillance as much as, or perhaps more than, Americans do.

  • (Washington Post, Wednesday, August 7, 2013)

    Ever heard of Raptor X, a specialized computer tool that when used with a privately developed plug-in called “Social Bubble” can display the geographic location of Twitter users and their posted Tweets? In addition, Raptor could potentially capture related commercial entities and even financial transactions. The government created Raptor X. The Special Operations Command’s National Capital Region (SOCOM NCR) organization, located here in the Washington area, used it to data-mine social media as part of the 2012 Project Quantum Leap experiments.

  • (Electronic Frontier Foundation, Monday, August 5, 2013)

    Following a wave of polls showing a remarkable turn of public opinion, Congress has finally gotten serious about bringing limits, transparency and oversight to the NSA’s mass surveillance apparatus aimed at Americans. While we still believe that the best first step is a modern Church Committee, an independent, public investigation and accounting of the government’s surveillance programs that affect Americans, members of Congress seem determined to try to enact fixes now. Almost a dozen bills have already been introduced or will be introduced in the coming weeks.

  • (The Guardian, Monday, August 5, 2013)

    No apocryphal levity this week. Instead, a somber look into an almost-present future. For once, Tim Cook isn't holding his cards close to his chest; he makes no secret of Apple's interest in wearable technologies. Among the avenues for notable growth (in multiples of $10bn), I think wearable devices are a good fit for Apple, more than the likable but just-for-hobbyist TV, and certainly more than the cloudy automotive domain where Google Maps could be a hard obstacle. Apple isn't alone, every tech company seems to be developing smart watches, smart glasses, and other health and life-style monitoring devices. (Well, almost every tech company … we haven't heard from Michael Dell, but perhaps he's too busy keeping his almost-private company out of Carl Icahn's clutches.)

  • (Wired, Monday, August 5, 2013)

    Security researchers tonight are poring over a piece of malicious software that takes advantage of a Firefox security vulnerability to identify some users of the privacy-protecting Tor anonymity network. The malware showed up Sunday morning on multiple websites hosted by the anonymous hosting company Freedom Hosting. That would normally be considered a blatantly criminal “drive-by” hack attack, but nobody’s calling in the FBI this time. The FBI is the prime suspect. “It just sends identifying information to some IP in Reston, Virginia,” says reverse-engineer Vlad Tsyrklevich. “It’s pretty clear that it’s FBI or it’s some other law enforcement agency that’s U.S.-based.” If Tsrklevich and other researchers are right, the code is likely the first sample captured in the wild of the FBI’s “computer and internet protocol address verifier,” or CIPAV, the law enforcement spyware first reported by WIRED in 2007.

  • (Center for Democracy and Technology, Friday, August 2, 2013)

    On the heels of the introduction of the "Surveillance Transparency Act” in the Senate, a bipartisan coalition in the House of Representatives led by Congresswoman Zoe Lofgren has just introduced its own bill pressing for more transparency around government demands to Internet and telephone companies about their users data. As with the bill in the Senate, the Center for Democracy & Technology supports the “Surveillance Order Reporting Act” as an important first step toward enacting all of the surveillance transparency reforms that a CDT-led coalition of privacy advocates and Internet companies recently pressed for in their joint letter to Congress.

  • (ArsTechnica, Friday, August 2, 2013)

    In the wake of revelations about the ability of the National Security Agency (NSA) to broadly capture, index, and search the contents of unencrypted Web traffic, the Wikimedia Foundation is speeding up efforts to use secure Hypertext Transfer Protocol (HTTPS) by default for site visitors and editors for Wikipedia and other Wikimedia projects. But users will need to have accounts on the foundation's sites to get that protection.

  • (ACLU, Thursday, August 1, 2013)

    The Internet has evolved into a true marketplace for every idea – if you can think of it, you can find it on the web. That the online world has blossomed into this virtual town square teeming with diverse content is no accident. It is largely a creation of federal law – specifically, Section 230 of the Communications Decency Act of 1998. Section 230 is directly responsible for the free, messy, uncensored, and often brilliant culture of online speech. By prohibiting most state civil or criminal liability for something somebody else writes or posts, it created the single most important legal protection that exists for websites, bloggers, and other internet users. Under Section 230, a website can provide a platform for all speech without worrying that if one of its online users posts something stupid, critical, defamatory, or unlawful, the website itself can be held responsible.

  • (ArsTechnica, Thursday, August 1, 2013)

    The National Security Agency’s broad Internet monitoring program can do a whole lot more than provide a look inside a person's Internet life. According to documents on the X-Keyscore program published by The Guardian, the system can also be used to find computers that are vulnerable to attack, allowing the NSA’s Tailored Access Office to exploit them. A training slide on the capabilities of X-Keyscore provided to The Guardian by Edward Snowden entitled “TAO” (for Tailored Access Operations, the organization within the NSA that hacks the networks of foreign governments and organizations) states that vulnerability profiles used by TAO to find targeted systems can be used to “show me all the exploitable machines in country X.” The “fingerprints” for vulnerabilities are added as a filtering criteria for X-Keyscore’s filtering application “engines”—a worldwide distributed cluster of Linux servers attached to the NSA’s Internet backbone tap points.

  • (The Guardian, Wednesday, July 31, 2013)

    Twitter is under increasing pressure from governments to release users' private information, with requests rising 40% in the first six months of the year, the firm said on Wednesday, in its twice-yearly transparency report. The US made three-quarters of the 1,157 data requests during the six-month period, the company's report said. Governments usually want the emails or IP addresses tied to a Twitter account.

  • (The Guardian, Tuesday, July 30, 2013)

    The Obama administration has agreed to a review that could lead to the declassification of key surveillance orders in response to a lawsuit brought by Yahoo, potentially providing one of clearest views yet into the legal mechanics of the National Security Agency. As required by judge Reggie Walton of the secret Fisa court, which oversees surveillance orders, the Justice Department will complete a declassification review of binding surveillance orders on Yahoo by 12 September, potentially setting the stage for their public release.

  • (Rabble, Monday, July 29, 2013)

    As you may have heard, the latest round of secretive Trans-Pacific Partnership (TPP) talks have been taking place in Malaysia over the last two weeks. As with previous rounds, the Malaysia TPP talks took place in an atmosphere of near-total secrecy. Citizens, public interest groups, and internet users have been completely excluded from the negotiations, which are taking place between a small cabal of old industry lobbyists and unelected bureaucrats. Fair Deal Coalition members have been active on the ground and online to challenge the closed-door nature of the talks, and to sound the alarm about extreme Internet Censorship proposals contained within the TPP.

  • (Berkman Center for Internet & Society at Harvard University, Thursday, July 25, 2013)

    The Berkman Center for Internet & Society is pleased to announce the release of a new publication from the Media Cloud project, Social Mobilization and the Networked Public Sphere: Mapping the SOPA-PIPA Debate, authored by Yochai Benkler, Hal Roberts, Rob Faris, Alicia Solow-Niederman, and Bruce Etling. In this paper, we use a new set of online research tools to develop a detailed study of the public debate over proposed legislation in the United States that was designed to give prosecutors and copyright holders new tools to pursue suspected online copyright violations. Our study applies a mixed-methods approach by combining text and link analysis with human coding and informal interviews to map the evolution of the controversy over time and to analyze the mobilization, roles, and interactions of various actors.

  • (The Guardian, Thursday, July 25, 2013)

    The razor-thin defeat of a congressional measure to rein in domestic surveillance galvanized civil libertarians on Thursday for what they expect to be a drawn-out political and legal struggle to clip the wings of the intelligence apparatus in the US. While a measure by Representative Justin Amash, a Michigan Republican, failed in the House on Wednesday night, the tight vote was the closest that privacy advocates have come since 9/11 to stopping the National Security Agency from collecting Americans' data in bulk. Members of Congress, liberties groups and former surveillance officials pointed to a variety of measures, from new legislation in both the Senate and House to court cases, as means to reset the much-contested balance between liberty and security in the US over the coming weeks and months.

  • (The Guardian, Thursday, July 25, 2013)

    Twitter has apologised after it mocked up a string of fake tweets from the accounts of real users to champion one of its products. The tech firm promoted a new advertising service on its blog earlier this week and accompanied the spiel with bogus tweets attributed to three social networkers. The micro-blogging site has now said sorry for the "mistake" and updated its site to attribute the endorsements to its own staff. A note on its marketing webpage now reads: "An earlier version of this blog post included an image with mock tweets from real users of our platform.

  • (The Monterey Herald, Wednesday, July 24, 2013)

    The House Rules Committee passed on an amendment that would have stopped the military from filtering news websites on its bases. Rep. Alan Grayson, D-Fla., added the change to the Defense Appropriations Bill last week after reading about the Army's restriction of The Guardian news site at the Presidio of Monterey and other installations. "This was a decision by the Republican leadership, and the Republican leadership alone," Grayson said by email Wednesday. "I think it's unfortunate that the Republican leadership thinks that we need to keep our own soldiers in the dark, and prevent them from reading what every other American can learn about."

  • (CNet, Wednesday, July 24, 2013)

    I have occasionally met police chiefs in social settings. Like all human beings, some I warm to and others make me want to speak to their parents and psychologists. None, however, has quite been like Mark Kessler. He is the police chief of Gilberton, Penn. Though he is employed to keep the peace in the community, there's a side to him that seems a touch combustible. For he posted a YouTube video criticizing Secretary of State John Kerry for negotiating a treaty that, in Kessler's view, would violate his right to bear more arms than possessed by the Indian goddess Kali.

  • (IFEX, Tuesday, July 23, 2013)

    The following is a PEN Canada blog post by Avner Levin, Director of Ryerson University's Privacy and Cyber Crime Institute. “It is common knowledge that Canada is a net importer of intelligence,” notes the 2011-2012 report of the Office of the Communications Security Establishment Commissioner (CSEC). While acknowledging that the “need for information sharing is vital,” the Commissioner adds that it “must be exchanged in compliance with the laws of Canada and must include sufficient measures to protect the privacy of Canadians.” Although CSEC's current arrangements include “a commitment by the partners to respect the privacy of each others' citizens, it is recognized [that] each partner is an agency of a sovereign nation that may derogate from the agreements, if it is judged necessary for their respective national interests.”

  • (ArsTechnica, Tuesday, July 23, 2013)

    The National Security Agency (NSA) is a "supercomputing powerhouse" with machines so powerful their speed is measured in thousands of trillions of operations per second. The agency turns its giant machine brains to the task of sifting through unimaginably large troves of data its surveillance programs capture. But ask the NSA as part of a freedom of information request to do a seemingly simple search of its own employees' e-mail? The agency says it doesn't have the technology.

  • (The New York Times, Tuesday, July 16, 2013)

    Microsoft on Tuesday called on the United States attorney general, Eric H. Holder Jr., to give the company permission to talk about how it handles government surveillance requests. The move represents an escalation of Microsoft’s campaign to speak more freely about the national security orders it receives for e-mails, Internet phone calls and other communications by users of Microsoft services. Secrecy laws severely limit what Microsoft and others can say about those orders, particularly the surveillance requests issued by the Foreign Intelligence Surveillance Court.

  • (The New York Times, Monday, July 15, 2013)

    Web users should be able to tell advertising networks not to show them targeted advertisements based on their browsing activities — and those companies should comply. That is the verdict of the leaders of a working group that has been arguing for almost two years over how to establish a uniform Do Not Track standard for the Internet.

  • (The Guardian, Saturday, July 13, 2013)

    If the US government succeeds in criminalising Brown's posting of a hyperlink, the freedom of all internet users is in jeopardy.

  • (The New York Times, Thursday, July 11, 2013)

    Microsoft has collaborated with the National Security Agency more extensively than it previously acknowledged, providing the spy agency with up-to-date access to its customer data whenever the company changes its encryption and related software technology, according to a new report based on disclosures by the former N.S.A. contractor Edward J. Snowden.

  • (Reason.com, Thursday, July 11, 2013)

    A contentious section of Canadian human rights law, long criticized by free-speech advocates as overly restrictive and tantamount to censorship, is gone for good. A private member's bill repealing Section 13 of the Canadian Human Rights Act, the so-called "hate speech provision," passed in the Senate this week.

  • (CNet, Thursday, July 11, 2013)

    In the wake of revelations about the NSA's PRISM program, Defcon's founder asks federal government employees to skip this year's hacker convention.
     

  • (New York Business Journal, Wednesday, July 10, 2013)

    Arch Insurance Group is launching a new insurance program that will protect bloggers against libel and copyright infringement lawsuits. Called BloggerShield Insurance for Bloggers, the program offers customized claims-made coverage for libel, slander, defamation, copyright infringement, and privacy violation in the course of the insured’s blogging activities, New York-based Arch said.

  • (The Guardian, Wednesday, July 10, 2013)

    Gabriel Weinberg, founder of search engine with zero tracking, credits Prism revelations with prompting huge rise in traffic.

  • (Access, Friday, July 5, 2013)

    Hundreds demonstrated yesterday in New York to protest the U.S. government’s unlawful surveillance programs and to support privacy rights. Along with volunteers from Free Press and Witness, volunteers from Access helped organize the rally and march, one of more than a hundred planned across the country under the banner “Restore the Fourth.” The coalition’s name refers to both the Fourth Amendment of the US Constitution, guaranteeing the right to be free from unreasonable searches and seizures, and the rally’s date on the 4th of July, America’s Independence Day.

  • (The Guardian, Friday, June 28, 2013)

    The US army has admitted to blocking access to parts of the Guardian website for thousands of defence personnel across the country. A spokesman said the military was filtering out reports and content relating to government surveillance programs to preserve "network hygiene" and prevent any classified material appearing on unclassified parts of its computer systems.

  • (CNET, Thursday, June 27, 2013)

    More than half a million people have signed an online petition demanding Congress more fully probe the recent revelations about the National Security Agency. The petition, titled "Stop Watching Us," started a couple of weeks ago. It urges Congress to stop the government from what it describes as blanket data collection. "This dragnet surveillance violates the First and Fourth Amendments of the U.S. Constitution, which protect citizens' right to speak and associate anonymously, guard against unreasonable searches and seizures, and protect their right to privacy."

  • (The New York Times, Tuesday, June 11, 2013)

    Google, Facebook and Microsoft on Tuesday asked the government for permission to reveal details about the classified requests they receive for the personal information of foreign users. They made the request after revelations about the National Security Agency’s secret Internet surveillance program, known as Prism, for collecting data from technology companies like e-mail messages, photos, stored documents, videos and online chats. The collection is legally authorized by the Foreign Intelligence Surveillance Act, which forbids companies from acknowledging the existence of requests or revealing any details about them.

  • (Slate, Friday, June 7, 2013)

    If you thought the astounding (and ongoing) revelations about the NSA’s PRISM regime were going to hurt America’s reputation, it appears you were right. Freedom House just made it official. In an exclusive statement to Future Tense, the internationally renowned rights watchdog said it’s going to downgrade the U.S. in its annual Internet freedom rankings. “The revelation of this program will weaken the United States’ score on the survey,” the organization told me in an email.

  • (The New York Times, Friday, June 7, 2013)

    Mohamed al-Hadi, an antigovernment activist in Syria, had just received a Skype briefing from rebels about the Ming military airport near the northern city of Aleppo, a protracted battleground in the country’s civil war. Then he learned that the United States government had the ability to monitor that call, as well as a broad range of other information transmitted through the Internet. “I’m really shocked,” he said in a Skype conversation. “Eighty percent of our secrets were already known to the Americans. Now, all of our secrets are disclosed.”

  • (ARS Technica, Thursday, June 6, 2013)

    Yesterday's revelations from The Guardian about US government collection of data on just about every phone call made in the country is exactly the kind of scenario civil libertarians have been fearing: widespread, dragnet-style surveillance of every American's telephone calls. To put it simply: the published Verizon document suggests the US government has been keeping a log of just about every phone call made in the last seven years, full stop. This includes who the call was from, who it was made to, how long it was, and where the caller was when the conversation happened. 

  • (ACLU, Thursday, May 30, 2013)

    Court rulings unsealed last week in Washington show for the first time a behind-the-scenes legal battle over when the government should have to tell you that it's tracking your location and reading your email. These documents—which came to light only as the public learned more about the government's controversial investigation of Fox News journalist James Rosen—reveal significant new details about the government's obligation to provide notice, after the fact, when it obtains geolocation data or obtains stored email messages. Indeed, the court orders bring to light a striking contrast: federal prosecutors in Washington routinely provide notice to individuals they track using cell-phone geolocation data, even if that notice is delayed, yet the government strenuously resists giving any notice to individuals when searching and reading their emails.

  • (The New York Times, Monday, May 20, 2013)

    The Federal Communications Commission’s high-profile attempt to defend its net neutrality rules against a court challenge got major support on Monday from the Supreme Court, which ruled in a separate case that regulatory agencies should usually be granted deference in interpreting their own jurisdictions. In a 6-to-3 decision, Justice Antonin Scalia wrote that in cases where Congress has left ambiguous the outlines of a regulatory agency’s jurisdiction, “the court must defer to the administering agency’s construction of the statute so long as it is permissible.”

  • (Center for Democracy and Technology, Friday, May 17, 2013)

    Today, a group of 20 of the world’s preeminent experts in computer and network security released a report warning that an FBI proposal to modify Internet services to make them wiretap friendly would open major security holes, and that criminals would easily circumvent the wiretap capability that would have to be built in.

  • (Center for Democracy and Technology, Monday, May 13, 2013)

    Last week, Representative Hank Johnson of Georgia introduced the Application, Privacy, and Security Act (APPS Act), a bipartisan bill that would require stronger transparency and security requirements for mobile application developers and distributors. The bill is co-sponsored by Representatives Steve Chabot of Ohio, John Conyers of Michigan, Eliot Engel of New York, and Sheila Jackson Lee of Texas. As mobile technologies become increasingly indispensible for Americans, ensuring that privacy policies are clear and accurate is an important goal.

  • (Wired, Friday, May 10, 2013)

    The FBI has some strange ideas about how to “update” federal surveillance laws: They’re calling for legislation to penalize online services that provide users with too much security. I’m not kidding. The proposal was revealed in The Washington Post last week — and a couple days ago, a front-page story in The New York Times reported the Obama administration is preparing to back it. Why? Federal law enforcement agencies like the FBI have long feared their wiretap capabilities would begin “going dark” as criminals and terrorists — along with ordinary citizens — shift from telephone networks, which are required to be wiretap-ready under the 1994 Communications Assistance for Law Enforcement Act (CALEA), to the dizzying array of online communications platforms available today.

  • (Electronic Frontier Foundation, Thursday, May 9, 2013)

    Proposals to update the email privacy law, the Electronic Communications Privacy Act (ECPA), are moving quickly in Congress. ECPA is in dire need of an update as it was written in the mid-1980s long before the advent of ubiquitous webmail and cloud storage. In the past, ECPA was used by the Department of Justice (DOJ) to obtain emails and other private online messages older than 180 days without a probable cause warrant. If law enforcement sought those same messages in the physical world, a warrant would be required. This difference is not only wrong, but also inconsistent with the Fourth Amendment. Senators Patrick Leahy and Mike Lee plan to fix this.

  • (The New York Times, Tuesday, May 7, 2013)

    The Obama administration, resolving years of internal debate, is on the verge of backing a Federal Bureau of Investigation plan for a sweeping overhaul of surveillance laws that would make it easier to wiretap people who communicate using the Internet rather than by traditional phone services, according to officials familiar with the deliberations. The F.B.I. director, Robert S. Mueller III, has argued that the bureau’s ability to carry out court-approved eavesdropping on suspects is “going dark” as communications technology evolves, and since 2010 has pushed for a legal mandate requiring companies like Facebook and Google to build into their instant-messaging and other such systems a capacity to comply with wiretap orders.

  • (Center for Democracy and Technology, Friday, May 3, 2013)

    Last week, Justin Brookman, CDT’s Director of Consumer Privacy, testified before the Senate Commerce Committee at a hearing entitled, “A Status Update on the Development of Voluntary Do-Not-Track Standards.” Senator Jay Rockefeller, Chairman of the Committee, called the hearing to examine the steps industry stakeholders have taken to fulfill their public commitment to honor Do-Not-Track requests from consumers.

  • (Index, Tuesday, April 30, 2013)

    Washington DC was awash this weekend with some of the biggest names in journalism, technology, civil society and government — and not just for the star-studded White House Correspondents’ Dinner. On Friday, Google hosted its first Big Tent event in DC with co-sponsor Bloomberg to discuss the future of free speech in the digital age. Each panel was guided by hypothetical scenarios that mirrored real current events and raised interesting free speech questions around offence, takedown requests, self-censorship, government leaks, national security and surveillance.

  • (Center for Democracy and Technology, Friday, April 26, 2013)

    Last week CISPA, the cybersecurity information-sharing bill, passed the House. Though fundamentally flawed, the bill is very different from when it passed the House a year ago, demonstrating the power of a growing Internet advocacy community that sometimes underestimates its own influence. Two game-changing achievements stand out.

  • (Electronic Frontier Foundation, Thursday, April 25, 2013)

    This week a wide range of civil liberties groups and companies demanded the Senate Judiciary Committee update email privacy law, the Electronic Communications and Privacy Act (ECPA). The bill, S. 607, introduced by Senators Leahy and Lee, aims to ensure a warrant protection for all private online messages. ECPA, passed in 1986, purported to allow the Department of Justice (DOJ) access to private communications, including emails and private Facebook messages, with a only subpoena. EFF has long argued, and many courts have agreed, that a warrant is always required.

  • (Blue Coat, Thursday, April 25, 2013)

    Blue Coat Systems, Inc., a market leader in Web security and WAN optimization, today commended U.S. Department of Commerce’s Bureau of Industry and Security (BIS) for its enforcement action against Computerlinks FZCO in connection with the unlawful diversion of Blue Coat ProxySG appliances to Syria. BIS previously penalized Wassim Jawad and Infotech in 2011 for their involvement in this unlawful transfer.

  • (Electronic Frontier Foundation, Wednesday, April 24, 2013)

    Yesterday, in a disturbing report published on CNET, new documents obtained by EPIC reveal that Obama administration officials have authorized a new government program involving the interception of communications on Internet service providers, including AT&T—one of the key players in the NSA warrantless wiretapping program. Under long-standing federal law, the government needs to use legal process to compel service providers to hand over customer communications, yet reportedly, the government is promising these companies they will not to prosecute them for violating US wiretapping laws if they hand over the information voluntarily.

  • (Think Progress, Wednesday, April 24, 2013)

    Sen. Lindsey Graham (R-SC) demanded to know why the FBI wasn’t tracking the Boston bombing suspect’s web traffic during an appearance on Fox News this morning, possibly validating civil liberties activist fears that the attack would lead to calls for further digital surveillance: “If you Google terrorists you will find the older brother on the web, Youtube videos of him declaring war on us, saying we’re a Christian nation. We’re infidels. How could the FBI after the interview in 2011 not pick up that traffic where this guy is visiting radical web sites?“

  • (Wired, Thursday, April 18, 2013)

    The cofounder of the popular social news site Reddit has called on the leaders of Google, Facebook and Twitter to help defeat a controversial cybersecurity bill that would compromise the privacy of their users if passed by lawmakers. “I’m hoping that all of these tech companies take the stand that their privacy policies matter, their users’ privacy matters, and no legislation like CISPA should take that away,” Alexis Ohanian, former owner of Reddit (Wired’s parent company Conde Nast currently owns Reddit), said in a video posted yesterday.

  • (Electronic Frontier Foundation, Wednesday, April 17, 2013)

    Yesterday, the US House prepared for the debate on the privacy-invading "cybersecurity" bill called CISPA, the Cyber Intelligence Sharing and Protection Act. The rules committee hearing was the last stop before the bill is voted on by the full House. In the hearing, Rep. Mike Rogers (R-MI) was questioned about the core problems in the bill, like the broad immunity and new corporate spying powers. In response, he characterized users who oppose CISPA as "14 year olds” tweeting in a basement. 

  • (Electronic Frontier Foundation, Monday, April 15, 2013)

    Today, thirty-four civil liberties organizations sent a joint letter to Congressional Representatives urging them to continue to oppose the Cyber Intelligence Sharing and Protection Act (CISPA). CISPA is a misguided "cybersecurity" bill that would provide a gaping new exception to privacy law. The House of Representatives is likely to vote on it on Wednesday or Thursday of this week. This means that there's little time remaining to speak out against this bill.

  • (IFEX, Monday, April 15, 2013)

    In the near future, an Ontario trial court will hear a defamation case that could have a major impact on free expression and what is considered defamatory under Canadian law. Baglow v. Smith arose out of a dispute between two ideologically opposed bloggers. John Baglow, who blogs as Dr. Dawg, repeatedly argued that the detention of Canadian terror suspect Omar Khadr at Guantanamo Bay violated international law. In 2010, blogger Roger Smith responded by referring to Baglow online as "one of the Taliban's more vocal supporters." Baglow sued Smith for defamation. 

     

  • (Yale University, Monday, April 15, 2013)

    The First Amendment protects anonymous speech, but the scope of that protection has been the subject of much debate. This Article adds to the discussion of anonymous speech by examining anti-mask statutes and cases as an analogue for the regulation of anonymous speech online. Anti-mask case law answers a number of questions left open by the Supreme Court. It shows that courts have used the First Amendment to protect anonymity beyond core political speech, when mask-wearing is expressive conduct or shows a nexus with free expression. This Article explores what the anti-mask cases teach us about anonymity online, including proposed real-name policies. It closes by returning to the real world of real masks, addressing the significance of physical anonymity in an age of remote biometric identification and drone use.

  • (Electronic Frontier Foundation, Friday, April 12, 2013)

    In the last three months alone, the House has released three different cybersecurity bills and has held over seven hearings on the issue. In addition, the House Judiciary Committee floated changes to the Computer Fraud and Abuse Act (CFAA)—the draconian anti-hacking statute that came to public prominence after the death of activist and Internet pioneer Aaron Swartz. Politicians tout this legislation as necessary to protect against foreign threats every single time they introduce a bill with “cyber” somewhere in the text.

  • (Electronic Frontier Foundation, Friday, April 12, 2013)

    Wednesday, the House Permanent Select Committee on Intelligence marked up the Cyber Intelligence Sharing and Protection Act (CISPA), the misguided “cybersecurity” bill that would create a gaping exception to existing privacy law while doing little to address palpable and pressing online security issues. The markup was held entirely behind closed doors—even though the issues being considered will have serious effects on the liberty of Internet users—and was passed out of the committee.

  • (IFEX, Thursday, April 11, 2013)

    As internet access spreads around the world and more countries consider ways to regulate users' online activities, the United States has a responsibility to set an example by enacting legislation that combats online security threats while protecting individual privacy. Unfortunately, the Cyber Intelligence Sharing and Protection Act (CISPA), which is scheduled to undergo markup this week by the House Intelligence Committee, fails to strike this balance, and threatens to set a negative example for other countries looking to adopt similar laws. 

  • (Politico, Wednesday, April 10, 2013)

    Choose an acronym — SOPA, ACTA, TPP. Whether a legislative proposal or a trade agreement, Internet rights groups are framing the issues in much the same way: a global threat to free speech and privacy. They’ve cast content providers as repeat players in a battle over the future of intellectual property. The current manifestation is the Trans-Pacific Partnership, negotiations with 11 Pacific Rim nations meant to revolutionize digital trade and set the tone for future agreements.

  • (CNN, Monday, April 8, 2013)

    Scary hacks and data breaches in 2012 hit companies as diverse as NBC, LinkedIn and Global Payments. Lawmakers began tussling over how to help protect companies from these attacks, and as a result, lobbying action on cybersecurity nearly doubled last year. A total of 1,968 lobbying reports mentioned the word "cybersecurity" (or variations of the term) several times in 2012, according to a report compiled by the Center for Responsive Politics for CNNMoney. That's up from just 990 reports in 2011.

  • (Salon, Thursday, April 4, 2013)

    20-year-old artist Jennifer Pawluck was arrested Wednesday morning at 10:30am after posting a picture of anti-police street art on her Instagram feed a few days before. “Many of my friends do not like the police,” Pawluck told the Huffington Post Québec in French. “I thought it would be funny to put the picture on Instagram. I do not even know who he is, Ian Lafrenière.”

  • (Mashable, Thursday, April 4, 2013)

    A Congressional debate over the Cyber Intelligence Sharing and Protection Act, or CISPA, set for next week will take place out of public view. CISPA, which was reintroduced to the House of Representatives earlier this year, is set to undergo a markup session next week. During the session, members of the House Intelligence Committee will debate the bill and offer amendments before voting whether or not to move it to a full vote in the House — but it will be closed to the public and to press.

  • (Wired, Wednesday, April 3, 2013)

    The President Barack Obama administration is informing a federal judge that if it’s forced to disclose a secret court opinion about the government illegally spying on Americans, the likely result could be “exceptionally grave and serious damage to the national security.”

  • (Center for Democracy and Technology, Tuesday, April 2, 2013)

    CDT joined with a diverse coalition of advocates from across the political spectrum to send a letter to Congress opposing a troubling draft bill that would dangerously expand the federal computer crime statute, the Computer Fraud and Abuse Act (CFAA).

  • (Center for Democracy and Technology, Wednesday, March 27, 2013)

    The House Judiciary committee is reportedly circulating a discussion draft that would amend the Computer Fraud and Abuse Act (CFAA) in precisely the wrong direction. In the wake of the tragic death of activist Aaron Swartz, US Internet freedom advocates have devoted much time and energy to pushing sensible reforms to narrow the scope of the CFAA, under which Swartz was being aggressively prosecuted at the time of his death. This draft flies in the face of those efforts, as it would dramatically enhance the already heavy penalties for violations of what Internet scholar Tim Wu recently called “the Worst Law in Technology," while appearing to expressly overturn existing case law to say that violating terms of service or other agreements can indeed be prosecuted as a felony.

  • (Slate, Tuesday, March 26, 2013)

    Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has a difficult time monitoring Gmail, Google Voice, and Dropbox in real time. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage a “top priority” this year. Last week, during a talk for the American Bar Association in Washington, D.C., FBI general counsel Andrew Weissmann discussed some of the pressing surveillance and national security issues facing the bureau. 

  • (Electronic Frontier Foundation, Tuesday, March 26, 2013)

    Earlier this month, a Georgia Superior Court issued a breathtaking restraining order against Matthew Chan, the operator of a copyright troll criticism message board, holding him responsible for the posts of his users. As part of the Court’s reasoning, Judge Frank Jordan wrote: "As the owner and operator of the site, Respondent has the ability to remove posts in his capacity as the moderator. However, Respondent chose not to remove posts that were personally directed at [Petitioner Linda] Ellis and would cause a reasonable person to fear for her safety."

  • (Center for Democracy and Technology, Thursday, March 21, 2013)

    A hearing earlier this week at the House Judiciary Subcommittee on Crime and Homeland Security reflected a growing consensus on the need for government officials to obtain a warrant before accessing private email. The Electronic Communications Privacy Act (ECPA), which has not had an update since it passed in 1986, specifies that government officials do not need a warrant to access stored email that is over 180 days old.1 The Department of Justice has also historically argued ECPA grants law enforcement the authority to access opened email without a warrant.

  • (Electronic Frontier Foundation, Wednesday, March 20, 2013)

    Senator Mark Leno today announced the introduction of groundbreaking new legislation that protects email privacy. Senate Bill 467, sponsored by the Electronic Frontier Foundation (EFF), requires state law enforcement agencies to obtain a warrant before asking service providers to hand over a private citizen's emails.

  • (Electronic Frontier Foundation, Wednesday, March 20, 2013)

    Under CISPA, companies can collect your information in order to "protect the rights and property" of the company, and then share that information with third parties, including the government, so long as it is for "cybersecurity purposes." Companies aren't required to strip out personally identifiable information from the data they give to the government, and the government can then use the information for purposes wholly unrelated to cybersecurity – such as "national security," a term the bill leaves undefined.

  • (Electronic Frontier Foundation, Tuesday, March 19, 2013)

    Since the untimely death of activist Aaron Swartz in January, EFF has been pushing for Congress to reform the Computer Fraud and Abuse Act (CFAA), the law that hands out wildly disproportionate penalties for computer crimes, chills innovation, and potentially turns every computer user into a criminal. And new examples of the CFAA’s dangerous reach continue to make headlines.

  • (The Huffington Post, Tuesday, March 12, 2013)

    Given the increasing penetration of technology into the lives of billions of people around the world, context for how we think about intersection of diplomacy and civil society is shifting. No one has been more central to that discussion than Alec J. Ross, the senior advisor for innovation to Secretary of State Hillary Clinton, who in many ways defined the practice of "digital diplomacy" in the 21st century. Almost three years ago, I talked with Ross about his role and goals, like supporting "Internet freedom" through funding technology.

  • (Center for Democracy and Technology, Monday, March 11, 2013)

    Last week, Edith Ramirez, the newly named chair of the Federal Trade Commission, participated in her first public appearance as chairwoman at the International Association of Privacy Professionals conference. Her comments there bode well for the future of domestic privacy protection, especially when paired with the FTC’s recent settlement with HTC concerning the mobile device maker’s unfair and deceptive trade practices.

  • (Mashable, Thursday, March 7, 2013)

    Three members of Congress, including Rep. Zoe Lofgren (D-Calif.), introduced new legislation on Wednesday to reform the Electronic Communications Protection Act (ECPA) and improve privacy protections for electronic messages. The new bill, co-sponsored by Rep. Ted Poe (R-Texas) and Rep. Suzan DelBene (D-Wash.), is called the Online Communications and Geolocation Protection Act. As drafted, the bill would extend Fourth Amendment protections to email and cellphone geolocation data, requiring authorities to get a warrant in situations where one is currently not required. Lofgren had introduced a similar bill last year and previously promised to reintroduce it as part of her "Internet freedom" agenda.

  • (The New York Times, Thursday, February 28, 2013)

    Before his planned retirement from Congress at the end of next year, Senator John D. Rockefeller IV, the West Virginia Democrat, intends to give American consumers more meaningful control over personal data collected about them online. To that end, Mr. Rockefeller on Thursday introduced a bill called the “Do-Not-Track Online Act of 2013.” The bill would require the Federal Trade Commission to establish standardized mechanisms for people to use their Internet browsers to tell Web sites, advertising networks, data brokers and other online entities whether or not they were willing to submit to data-mining.

  • (Electronic Frontier Foundation, Thursday, February 28, 2013)

    It’s been a long time coming, but the copyright surveillance machine known as the Copyright Alert System (CAS) — aka “Six Strikes” — has finally launched. CAS is an agreement between major media corporations and large Internet Service Providers to monitor peer-to-peer networks for copyright infringement and target subscribers who are alleged to infringe — via everything from “educational” alerts to throttling Internet speeds. Unfortunately, the Center for Copyright Information, which is running this “educational” program, is hardly a neutral information source. So, as the participants finally begin to reveal some details, we’re here to provide an alternative.

  • (Center for Democracy and Technology, Thursday, February 28, 2013)

    Why is CDT opposed to a House bill intended to promote sharing of information about cyberthreats? And why do we prefer a Senate proposal on information sharing? The reasons for our opposition to the Cyber Intelligence Sharing and Protection Act (CISPA) are well-illustrated by this opening sentence from an article yesterday in Government Computer News: Continuous monitoring is the order of the day for federal IT systems, and automated tools are generating more data about the status and behavior of agency networks. The next challenge, analysts, vendors and government officials say, is making use of all that data.

  • (The Hill, Tuesday, February 26, 2013)

    One of the Internet’s founding fathers is set this week to revive a heated cybersecurity debate over whether to preserve anonymity and the use of pseudonyms in online chat forums and social networks like Twitter. Vint Cerf, Google’s chief Internet evangelist, is expected to make the case for keeping people’s identity anonymous — particularly on certain Web services — when he delivers the keynote address at the RSA cybersecurity conference here on Wednesday.

  • (The New York Times, Tuesday, February 26, 2013)

    Apart from a few companies like Google, which revealed that Chinese hackers had tried to read its users’ e-mail messages, American companies have been disturbingly silent about cyberattacks on their computer systems — apparently in fear that this disclosure will unnerve customers and shareholders and invite lawsuits and unwanted scrutiny from the government.

  • (Wired, Monday, February 25, 2013)

    The nation’s major internet service providers on Monday said they are beginning to roll out an initiative to disrupt internet access for online copyright scofflaws. The so-called “Copyright Alert System” is backed by the President Barack Obama administration and was pushed heavily by record labels and Hollywood studios. The plan, more than four years in the making, includes participation by AT&T, Cablevision Systems, Comcast, Time Warner Cable and Verizon. Others could soon join. After four offenses, the historic plan calls for these residential internet providers to initiate so-called “mitigation measures” (.pdf) that might include reducing internet speeds and redirecting a subscriber’s service to an “educational” landing page about infringement.

  • (The Washington Post, Wednesday, February 20, 2013)

    Start asking security experts which powerful Washington institutions have been penetrated by Chinese cyberspies, and this is the usual answer: almost all of them. The list of those hacked in recent years includes law firms, think tanks, news organizations, human rights groups, contractors, congressional offices, embassies and federal agencies. The information compromised by such intrusions, security experts say, would be enough to map how power is exercised in Washington to a remarkably nuanced degree. The only question, they say, is whether the Chinese have the analytical resources to sort through the massive troves of data they steal every day.

  • (Bloomberg Businessweek, Thursday, February 14, 2013)

    One day last October, more than 100 congressional staffers crammed into a room on the second floor of the Rayburn House Office Building to listen to four lawyers discuss smartphone and tablet patent litigation. The chief of staff for the House Judiciary Committee came a few minutes late and couldn’t get a seat. This is a typical scene these days at the periodic lunchtime lectures put on by the Congressional Internet Caucus, a bipartisan collection of 125 House and Senate members who are, in the words of their mission statement, “working to promote the promise and potential of the Internet.” Third on the list of the caucus’s goals: “Promoting the education of Members of Congress and their staff.”

  • (Electronic Frontier Foundation, Wednesday, February 13, 2013)

    It's official: The Cyber Intelligence Sharing and Protection Act was reintroduced in the House of Representatives yesterday. CISPA is the contentious bill civil liberties advocates fought last year, which would provide a poorly-defined "cybersecurity" exception to existing privacy law. CISPA offers broad immunities to companies who choose to share data with government agencies (including the private communications of users) in the name of cybersecurity. It also creates avenues for companies to share data with any federal agencies, including military intelligence agencies like the National Security Agency (NSA).

  • (Committee to Protect Journalists, Thursday, February 7, 2013)

    Not every media company is as tempting a target for hackers as The New York Times, The Washington Post, or The Wall Street Journal. Not every company can afford high-priced computer security consultants, either. Is there anything that everyday reporters and their editors can learn about protecting themselves, based on the revelatory details the Times and other targets made public last week? As we wrote at the time, the cyber-attacks on the Times, the Post, and the Journal came as no surprise to foreign reporters working in China or elsewhere who repeatedly face fake emails, custom malware, and hacking attacks on their webmail. But the level of access that the hackers obtained at the Times' main offices, and the publication of details by their technical advisers, can be instructive.

  • (Center for Democracy and Technology, Thursday, February 7, 2013)

    The FTC’s announcement late last week of a settlement with a mobile app developer and the Commission’s simultaneous release of a mobile privacy report highlighted the agency’s focus on protecting consumer privacy in the popular mobile space. Moreover, the Commission’s actions provided a pointed reminder to app developers that they must consider privacy at the earliest stages and in all phases of creating their innovative products.

  • (Poynter, Wednesday, February 6, 2013)

    Union County, N.J., prosecutors demanded Tina Renna give them “the names of 16 government officials who she accused online of misusing county generators after Hurricane Sandy,” Lilly Chapa reports. Renna claimed privilege, and Superior Court Judge Karen Cassidy has ordered a hearing “to further discuss whether Renna is a journalist as defined under the state shield law,” Chapa writes.Renna’s blog The County Watchers chronicles county employees who make six-figure incomes, challenges the county’s finances and posts videos from meetings. Prosecutors, Chapa writes, “have argued that Renna cannot be defined as a journalist because she was involved in politics in the past and the blog is biased and often critical of the Union County government.”

  • (IFEX, Wednesday, February 6, 2013)

    Reporters Without Borders strongly condemns the Chinese government's readiness to violate the confidentiality of sources, which has jeopardized the safety of New York Times journalists and their sources in China. The newspaper has been subjected to growing harassment in recent months. An article about outgoing Premier Wen Jiabao's fortune was censored. The authorities refused to issue or renew visas and accreditation for its journalists. And now it turns out that it has been the target of cyber-attacks for months. 

     

  • (Electronic Frontier Foundation, Tuesday, February 5, 2013)

    With every coming round of negotiations over the Trans-Pacific Partnership (TPP)—a trade agreement that carries intellectual property provisions that could have hugely harmful consequences for the Internet and our digital rights—the Office of the US Trade Representative has continually whittled away at any remaining opportunity for the public to have input into the drafting process. The TPP has been under negotiation for three years and the opaqueness has only worsened.

  • (The Wall Street Journal, Thursday, January 31, 2013)

    Chinese hackers believed to have government links have been conducting wide-ranging electronic surveillance of media companies including The Wall Street Journal, apparently to spy on reporters covering China and other issues, people familiar with the incidents said. Journal publisher Dow Jones & Co. said Thursday that the paper's computer systems had been infiltrated by Chinese hackers, apparently to monitor its China coverage. New York Times Co. disclosed Wednesday night that its flagship newspaper also had been the victim of cyberspying. Chinese hackers for years have targeted major U.S. media companies with hacking that has penetrated inside newsgathering systems, several people familiar with the response to the cyberattacks said. Tapping reporters' computers could allow Beijing to identify sources on articles and information about pending stories. Chinese authorities in the past have penalized Chinese nationals who have passed information to foreign reporters.

     

  • (Wired, Thursday, January 31, 2013)

    In a dramatic announcement late Wednesday, the New York Times reported that hackers from China had been routing through the paper’s network for at least four months, stealing the passwords of reporters in an apparent attempt to identify sources and gather other intelligence about stories related to the family of China’s prime minister. The hackers breached the network sometime around Sept. 13 and stole the corporate passwords for every Times employee, using them to gain access to the personal computers of 53 employees, according to the report.

  • (Electronic Frontier Foundation, Thursday, January 31, 2013)

    Last year, we saw more battles in Congress over Internet freedom than we have in many years as user protests stopped two dangerous bills, the censorship-oriented SOPA, and the privacy-invasive Cybersecurity Act of 2012. But Congress ended the year by ramming through a domestic spying bill and weakening the Video Privacy Protection Act. In 2013, Congress will tackle several bills—both good and bad—that could shape Internet privacy for the next decade. Some were introduced last year, and some will be completely new.

  • (New York Times, Monday, January 28, 2013)

    United States law-enforcement agencies by and large do not establish probable cause or obtain a search warrant from an impartial judge before they seek information about a Twitter user, the company said Monday in its second transparency report. The company said it received a little over 1,000 requests for information between July and December 2012. Most came from the United States, and in nearly seven out of 10 instances, the company complied with the data request.

  • (CircleID, Saturday, January 26, 2013)

    There are two Bills that are floating through the corridors of power on the Hill that could potentially change the course of civil and political rights within the United States and the world. One was introduced through the House of Representatives and the other through the Senate. The two Bills touch on a common thread that are premised on "national security" however there are interesting challenges that will surface should the Bills be passed that affect global public interest that require further examination, introspection and discussion.

  • (Wired, Friday, January 25, 2013)

    Yahoo demands probable-cause, court-issued warrants to divulge the content of messages inside its popular consumer e-mail brands — Yahoo and Ymail, the web giant said Friday. The Sunnyvale, California-based internet concern’s exclusive comments came two days after Google revealed to Wired that it demands probable-cause warrants to turn over consumer content stored in its popular Gmail and cloud-storage Google Drive services — despite the Electronic Communications Privacy Act not always requiring warrants.

  • (Access, Friday, January 25, 2013)

    With the recent re-nomination of David Medine as chairman, the long-dormant US Privacy and Civil Liberties Oversight Board (PCLOB) may finally come to life. The renewal of the Board and its mandate comes not a moment too soon. A strong, independent oversight body is necessary to protect digital rights as Congress is likely to consider cybercrime and cybersecurity issues, such as a proposed amendment to the highly controversial federal Communications Assistance for Law Enforcement Agencies (CALEA), which would require all communications providers to install backdoors in their products and services.

  • (Electronic Frontier Foundation, Wednesday, January 23, 2013)

    This morning, Google released their semi-annual transparency report, and once again, it revealed a troubling trend: Internet surveillance around the world continues to rise, with the United States leading the way in demands for user data. Google received over 21,000 requests for data on over 33,000 users in the last six months from governments around the world, a 70% increase since Google started releasing numbers in 2010. The United States accounted for almost 40% the total requests (8,438) and the number of users (14,791).

  • (Electronic Frontier Foundation, Friday, January 18, 2013)

    One year ago today, Internet users of all ages, races, and political stripes participated in the largest protest in Internet history, flooding Congress with millions of emails and phone calls to demand they drop the Stop Online Piracy Act (SOPA)—a dangerous bill that would have allowed corporations and the govenrment to censor larger parts of the Web.

  • (Center for Democracy and Technology, Friday, January 18, 2013)

    Today, CDT and a range of other groups and individuals are marking the one-year anniversary of the historic SOPA and PIPA protests by celebrating Internet Freedom Day. On January 18th, 2012, CDT joined thousands of innovators, technologists, advocates, and individuals from across the political spectrum in an online blackout and protest demonstrating broad opposition to the two bills, which had the potential to wreak havoc on the Internet. The bills failed in the face of that unprecedented online revolt, which marked a watershed moment for the politics of Internet policy.

  • (Center for Democracy and Technology, Friday, January 18, 2013)

    AT&T took some heat last fall for imposing limits (some of which have since been removed) on which subscribers can use FaceTime, Apple’s video calling service, over its cellular network. This week, the FCC Open Internet Advisory Committee published a report on the subject that I helped to author. Its technical analysis is well worth a look. The OIAC report recognizes that mobile networks have limited bandwidth and that a high-bandwidth application like FaceTime can cause substantial performance problems on the network. But does that mean that network management techniques need to target particular applications? One view represented in the report, as well as in CDT’s most recent blog post on the subject, is that it would be much better for application developers and consumers if network management were to be application-agnostic. 

  • (Electronic Frontier Foundation, Monday, January 14, 2013)

    Outpourings of grief and calls for change continue to flood the Internet after the suicide of Aaron Swartz, only 26 years old. Aaron was one of our community's best and brightest, and he acheived great things in his short life. He was a coder, a political activist, an entrepreneur, a contributor to major technological developments (like RSS), and an all-around Internet freedom rock star. As Wired noted, the world will miss out on decades of magnificent things Aaron would have accomplished had his time not been cut short.

  • (The Atlantic, Monday, January 7, 2013)

    You might call Hillary Clinton the ur-diplomat of the digital age. Under her guidance, the U.S. State Department embraced new technology in a way no secretary of state has done since the fax machine. For better or worse, Clinton added a new dimension to the way Washington engages with the rest of the world.With rumors that John Kerry may be tapped to take Clinton's place when she departs the agency this month comes rising speculation over how the current chair of the Senate Foreign Relations Committee might handle State's technological mandate.

  • (The New York Times, Saturday, January 5, 2013)

    There are three things that matter in consumer data collection: location, location, location. E-ZPasses clock the routes we drive. Metro passes register the subway stations we enter. A.T.M.’s record where and when we get cash. Not to mention the credit and debit card transactions that map our trajectories in comprehensive detail — the stores, restaurants and gas stations we frequent; the hotels and health clubs we patronize. Each of these represents a kind of knowing trade, a conscious consumer submission to surveillance for the sake of convenience.

  • (Congressional Research Service, Thursday, January 3, 2013)

    Navigating the Internet requires using addresses and corresponding names that identify the location of individual computers. The Domain Name System (DNS) is the distributed set of databases residing in computers around the world that contain address numbers mapped to corresponding domain names, making it possible to send and receive messages and to access information from computers anywhere on the Internet. Many of the technical, operational, and management decisions regarding the DNS can have significant impacts on Internet-related policy issues such as intellectual property, privacy, Internet freedom, e-commerce, and cybersecurity.  

  • (Wired, Wednesday, January 2, 2013)

    California and Illinois on Tuesday joined four others in becoming the union’s only states barring employers from demanding that employees fork over their social-media passwords. Congress unsurprisingly couldn’t muster the wherewithal to approve the Password Protection Act of 2012, so a handful of states have taken it upon themselves. The new laws come amid reports nationwide that employers were demanding access to their employees’ or potential employees’ personal, non-public data on Facebook, Twitter and other social-media accounts.

  • (Wired, Friday, December 28, 2012)

    The Senate on Friday reauthorized for five years broad electronic eavesdropping powers that legalized and expanded the President George W. Bush administration’s warrantless wiretapping program. The FISA Amendments Act, (.pdf) which was expiring Monday at midnight, allows the government to electronically eavesdrop on Americans’ phone calls and e-mails without a probable-cause warrant so long as one of the parties to the communication is believed outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”

  • (Electronic Frontier Foundation, Wednesday, December 26, 2012)

    As the year draws to a close, EFF is looking back at the major trends influencing digital rights in 2012 and discussing where we are in the fight for free expression, innovation, fair use, and privacy. Click here to read other blog posts in this series. After years of complaining that our email privacy laws were hopelessly outdated, 2012 saw a promising beacon of light peek out from the most unlikeliest of places: a sex scandal.

  • (Wired, Friday, December 21, 2012)

    The Senate late Thursday forwarded legislation to President Barack Obama granting the public the right to automatically display on their Facebook feeds what they’re watching on Netflix. While lawmakers were caving to special interests, however, they cut from the legislative package language requiring the authorities to get a warrant to read your e-mail or other data stored in the cloud.

  • (Electronic Frontier Foundation, Tuesday, December 11, 2012)

    The 15th round of Trans-Pacific Partnership (TPP) agreement negotiations in New Zealand concluded this week, locking out civil society participation in an unprecedented way. The TPP is a trade agreement between eleven Pacific nations and it covers a wide range of regulatory issues including transnational investment, services, tobacco, and textiles. The chapter that EFF and other digital rights groups around the world find alarming covers intellectual property. EFF is also looking into issues of free flow of information and cross-over issues that may appear in the ecommerce and service chapters. 

  • (The Hill, Wednesday, December 5, 2012)

    Rep. Greg Walden (R-Ore.) accused the Obama administration on Wednesday of hypocrisy for advocating for Internet freedom on a global level but supporting Internet regulation domestically. U.S. delegates are currently attending a conference in Dubai to update a global telecommunications treaty. The Obama administration and lawmakers in both parties oppose efforts that would expand the treaty to allow for international regulation of the Internet.

  • (Wired, Wednesday, December 5, 2012)

    There’s a lot of sky-is-falling doomsday predictions about the World Conference on International Telecommunications, which opens Monday in Dubai with some 190-plus nations discussing the global internet’s future. That’s because much of the accompanying proposals from the global community have been kept under lock and key, although some of the positions of nations have been leaked and published online.

  • (Networked World, Wednesday, December 5, 2012)

    The Internet, long viewed as a tool to expand freedom, is an equally effective tool for repression. That is just as true in the United States as anywhere else. Security guru Bruce Schneier noted in a recent blog post, citing Evgeny Morozov's book, "The Net Delusion: The Dark Side of Internet Freedom," that, "Repressive regimes all over the world are using the Internet to more efficiently implement surveillance, censorship, and propaganda. And they're getting really good at it."

  • (Electronic Frontier Foundation, Tuesday, December 4, 2012)

    The U.S. and other governments are meeting yet again to hash out the secret Trans-Pacific Partnership Agreement (TPP), this time in New Zealand. International trade agreements may seem far removed from our daily lives. Why should people in the U.S. take action against TPP? Although we don't know what's in the draft treaty, and the U.S. Trade Representative refuses to publish it, the leaked drafts we've seen are alarming. TPP is likely to export some of the worst features of U.S. copyright law: a broad ban on breaking digital locks on creative work, even for legal uses, a copyright term of life plus seventy years (the current international norm is life-plus-fifty), ruinous statutory damages with no proof of actual harm, and government seizures of computers and equipment involved in alleged infringement.

  • (The Washington Post, Wednesday, November 28, 2012)

    If you left a letter on your desk for 180 days, you wouldn’t imagine that the police could then swoop in and read it without your permission, or a judge’s. But that’s just what law enforcement officers can do with your e-mail. Using only a subpoena, government agents can demand that service providers turn over electronic communications they have stored, as long as those communications are more than six months old. Protections are even weaker for opened e-mail or documents stored in the “cloud.” The advertisements that the Postal Service piles into your mailbox every day are legally sacrosanct; the medical notifications your health-insurance company sends to your Gmail account are not.

  • (Access, Tuesday, November 27, 2012)

    A flurry of activity in US Congress and the Oval Office could alter the privacy rights and cybersecurity of users in the US and abroad for decades to come. It also presents an opportunity to limit the military’s growing reach over cyberspace. 

  • (IFEX, Thursday, November 22, 2012)

    Secret, undemocratic trade agreements that put shackles on our free speech online are nothing new. Civil society organisations have been fighting the passage of the Anti-Counterfeiting Trade Agreement (ACTA) for the past six years. But some bad ideas never die. The same year that ACTA was defeated in the European Union, a new agreement was forged behind closed doors: the Trans-Pacific Partnership (TPP).

  • (Electronic Frontier Foundation, Wednesday, November 21, 2012)

    Currently, the Department of Justice argues it can read your private electronic messages, like emails and private Facebook messages, older than 180 days without a warrant due to an archaic distinction in the outdated Electronic Communications Privacy Act (ECPA). Senator Leahy wants to change this and has scheduled a markup hearing next week. 

  • (Mobiledia, Monday, November 19, 2012)

    A teen convicted of molestation can't be kept off social media, according to a court ruling, in a case that raises questions about the Internet's role in crime and punishment. Some argue social media is a First Amendment right, and it should be treated like other forms of freedom of speech, which can't be taken away.

  • (Center for Democracy and Technology, Friday, November 16, 2012)

    Is MetroPCS the publisher of your tweets? Is Verizon’s FiOS Internet service a newspaper? They seem to think so. In their pending challenge to the FCC’s Open Internet Rules, Verizon and MetroPCS argued that the Rules violate their purported First Amendment right to exercise “editorial discretion” over their customers’ Internet access. Yesterday, CDT and other friends of the court (not to mention friends of the Internet) filed briefs rebutting this dangerous assertion.

  • (ARS Technica, Friday, November 16, 2012)

    The "six strikes" anti-piracy program is on its way, for real. Jill Lesser, head of the Center for Copyright Information—the enforcement agency in charge of the system—confirmed that the system is coming this year in a September interview with Ars. Speaking at a New York Internet conference, representatives of two of the biggest ISPs, Verizon and Time Warner, have finally described how their systems will work.

  • (The Huffington Post, Friday, November 16, 2012)

    Longtime opponents to Internet censorship were glad to see the Obama Administration enforce new human rights rules involving Iran last week. The State Department announced sanctions against four individuals and five entities, including Iran's communications and technology minister Reza for actions that censored access to the Internet and other actions that blocked freedom of expression. The sanctions mean these individuals and entities will have their U.S. assets frozen and U.S. entities can't do business with them. Designated individuals and members of designated entities cannot travel to the U.S.

  • (The New York Times, Friday, November 16, 2012)

    A bastion of openness and counterculture, Silicon Valley imagines itself as the un-Chick-fil-A. But its hyper-tolerant facade often masks deeply conservative, outdated norms that digital culture discreetly imposes on billions of technology users worldwide. What is the vehicle for this new prudishness? Dour, one-dimensional algorithms, the mathematical constructs that automatically determine the limits of what is culturally acceptable.

  • (Roosevelt Institute, Thursday, November 15, 2012)

    Washington, DC: Today, former officials with decades of expertise in communications networks, including former FCC Chairman Reed Hundt, joined by the National Association of Telecommunications Officers and Advisors (NATOA), filed a friend of the court brief with the United States Court of Appeals for the District of Columbia Circuit in connection with Verizon's pending challenge to the FCC's Open Internet Rules. The brief responds specifically to sweeping claims made by Verizon in its opening brief (filed July 2, 2012) that Congress and the Federal Communications Commission are barred by the First Amendment from imposing any restrictions on Verizon's provision of broadband Internet access to Americans.

  • (Electronic Frontier Foundation, Wednesday, November 14, 2012)

    The unfolding scandal that led to the resignation of Gen. David Petraeus, the Director of the Central Intelligence Agency, started with some purportedly harassing emails sent from pseudonymous email accounts to Jill Kelley. After the FBI kicked its investigation into high gear, it identified the sender as Paula Broadwell and, ultimately, read massive amounts of private email messages that uncovered an affair between Broadwell and Petraeus (and now, the investigation has expanded to include Gen. John Allen's emails with Kelley). We've received a lot of questions about how this works—what legal process the FBI needs to conduct its email investigation. The short answer? It's complicated.

  • (Nextgov, Friday, November 9, 2012)

    The Homeland Security Department has commissioned Accenture to test technology that mines open social networks for indications of pandemics, according to the vendor. The $3 million, yearlong “biosurveillance” program will try to instantaneously spot public health trends among the massive amount of data that citizens share online daily, company officials said in announcing the deal Thursday.

  • (Center for Democracy and Technology, Friday, November 9, 2012)

    The Fourth Amendment to the Constitution is supposed to protect us against unreasonable government intrusions on our privacy. It protects our "persons, houses, papers and effects." Pretty much everyone, including officials at the US Justice Department, agree that "papers" includes the digital content of our laptops, tablets and mobile phones.

  • (Electronic Frontier Foundation, Wednesday, November 7, 2012)

    Now that the election is over, Congress can get back to work doing the people’s business. And if that work is going to affect online expression, innovation, and/or privacy, it should start with a simple proposition: bring in the nerds (aka experts) and Internet users who care deeply about protecting their digital rights.

  • (Center for Democracy and Technology, Wednesday, November 7, 2012)

    There will be some new faces next year. But with the Administration and both houses of Congress remaining in the same hands, the election's main outcome for tech policy is that there won't be any immediate U-turns or game-changers in the ongoing debates over important issues like cybersecurity, privacy, and Internet neutrality.

  • (Gigaom, Sunday, November 4, 2012)

    Mikko Hypponen contacted us Monday morning to say he created the tweet below to highlight Twitter's new DMCA policy; it did not represent an actual withdrawn tweet. The story has been updated accordingly. See further explanation below] Twitter has made a significant shift in how it responds to copyright complaints. In the past, such complaints caused tweets to vanish without a trace but now people can see the place where a tweet once stood — and the reaction to its disappearance.

  • (Electronic Frontier Foundation, Friday, November 2, 2012)

    AT&T’s internet traffic in San Francisco runs through fiber-optic cables at an AT&T facility located at 611 Folsom Street in San Francisco. Using a device called a “splitter” a complete copy of the internet traffic that AT&T receives – email, web browsing requests, and other electronic communications sent to or from the customers of AT&T’s WorldNet Internet service from people who use another internet service provider – is diverted onto a separate fiber-optic cable which is connected to a room, known as the SG-3 room, which is controlled by the NSA. The other copy of the traffic continues onto the internet to its destination. 

  • (New York Times, Friday, October 26, 2012)

    China is the world's biggest market but for western media firms trying to expand it can be a bruising experience, with even the biggest names such as Rupert Murdoch and Google having come a cropper. So it was perhaps inevitable when the New York Times (NYT) decided to launch a Chinese language website in June that it would at some point fall foul of the censors. But it did so in spectacular fashion on Friday when the government blocked access to the site, accusing it of trying to "smear" the country's name. Its crime was to publish an article claiming that the family of the Chinese premier, Wen Jiabao, had accumulated massive wealth – a handsome $2.7bn (£1.67bn) – during his time in power.

  • (Ad Week, Tuesday, October 23, 2012)

    When it comes to big tech spenders in Washington, no one tops Google. This third quarter, the Internet giant shelled out $4.18 million to influence political decision-makers in a 76 percent increase over last year during the same period. So far in 2012, Google has spent $13.13 million to influence political decision-makers, already topping the 2011 total of $9.68 million. Facebook also continues to spend more. Though steadily increasing, the social network's outlay pales in comparison to Google. The leading social network spent $980,000 in the third quarter, marking a two percent increase over the previous quarter for a 2012 total of $2.59 million.

  • (The Chicago Tribune, Friday, October 19, 2012)

    Brian Fitzpatrick is a veteran Google Chicago engineer who majored in Latin but has become an expert in government censorship of the Internet. Two years ago his team of five engineers, all working in Chicago, began tallying and helping publish the number and types of government requests Google receives to remove content from its products or turn over information about users.

     

  • (Huff Post Canada, Monday, October 15, 2012)

    We reach certain points in time, what the critical media scholar Robert McChesney calls "critical junctures," or that the sociologist and media historian Paul Starr calls "constitutive moments." Now is one such moment, and choices and decisions made now could tilt the evolution of the network media ecology in Canada toward a more closed, surveilled and centralized regime instead of an open one that strives to put as much of the internet's capabilities into as many people's hands as possible. The latter approach maximizes the diversity of voices and is essential to any free press -- digital, networked, or otherwise -- and to the role of communications media in a democracy.

  • (Wired, Tuesday, October 9, 2012)

    The Supreme Court closed a 6-year-old chapter Tuesday in the Electronic Frontier Foundation’s bid to hold the nation’s telecoms liable for allegedly providing the National Security Agency with backdoors to eavesdrop, without warrants, on Americans’ electronic communications in violation of federal law.

  • (Wired, Monday, October 8, 2012)

    The nation’s major internet service providers by year’s end will institute a so-called six-strikes plan, the “Copyright Alert System” initiative backed by the Obama administration and pushed by Hollywood and the major record labels to disrupt and possibly terminate internet access for online copyright scofflaws.

  • (The Wall Street Journal, Sunday, October 7, 2012)

    The presidential debate on Oct. 3 didn't get around to digital technology and the role of government, but the candidates were sure to have prepped for the topic. These draft remarks were discovered, left behind on Mitt Romney's lectern: Last year I got a question at a town-hall meeting in New Hampshire about the role of government in regulating the Internet. I said, "Almost none—Keep it free." I said there's no reason for the government to look for a solution when there's not a problem.

  • (WebProNews, Thursday, October 4, 2012)

    SOPA and PIPA were a major threat to the Internet. Only those in the entertainment industry denied the claim as they pushed for stricter control of the Internet. The two bills eventually spurred the single largest Internet protest as countless Web sites, including Wikipedia, went dark. The bills were soundly defeated, but do they ever have a chance of coming back? MPAA CEO Chris Dodd was a speaker at San Francisco’s Commonwealth Club on Tuesday night where he spoke at length about SOPA, PIPA, and what Hollywood’s doing to help combat piracy. He also spoke at length with Wired after the talk to further clarify what he thought about the Internet movement against the two anti-piracy bills from earlier this year, and other subjects.

  • (ACLU: Blog of Rights, Wednesday, October 3, 2012)

    Today is Banned Websites Awareness Day – a designated day within Banned Books Week – which is sponsored by our friends at the American Association of School Librarians and designed to raise awareness of the overly restrictive blocking of legitimate, educational websites and academically useful social networking tools in schools and school libraries. At the ACLU LGBT Project, this is a subject near and dear to our hearts, and today we’re releasing a new report about our work to fight back against banned websites. 

  • (Center for Democracy and Technology, Wednesday, October 3, 2012)

    For nearly two years now, industry and advocates have been discussing how to implement "Do Not Track" — a setting in browsers that would allow companies to serve ads while limiting the collection of personal information about users. This week, dozens of ad industry representatives, browser makers, and consumer advocates are gathering in Amsterdam during a World Wide Web Consortium (W3C) meeting to fine tune the details of how such a setting will work. However, in recent days, we have suddenly seen an all-out blitz of attacks on Do Not Track, both in Washington and Silicon Valley decrying Do Not Track as a disaster that would destroy the advertising-supported web.

  • (Access, Tuesday, October 2, 2012)

    After successfully battling the Stop Online Piracy Act (SOPA), the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PIPA), and the not-too-subtle Protecting Children From Internet Pornographers Act (PCIP), internet users and their allies deserve some protection from overzealous, undercooked legislation affecting their rights online. Fortunately, some in Congress hear their pleas and are proactively moving to update laws and regulations with smart, forward-looking legislation.

  • (The Wall Street Journal, Thursday, September 27, 2012)

    The American Civil Liberties Union released a tranche of law enforcement records on the use of two increasingly popular surveillance methods that don’t require a warrant: pen registers and trap and trace devices. The names are a bit misleading. In the past, these were, in fact, devices — little boxes that law enforcement affixed to phone lines to covertly record incoming and outgoing phone numbers. But now the interception capabilities are built in the phone companies’ hardware.

  • (CNET News, Saturday, September 22, 2012)

    The FBI is renewing its request for new Internet surveillance laws, saying technological advances hinder surveillance and warning that companies should be required to build in back doors for police. "We must ensure that our ability to obtain communications pursuant to court order is not eroded," FBI director Robert Mueller told a U.S. Senate committee this week. Currently, he said, many communications providers "are not required to build or maintain intercept capabilities."

  • (The Guardian, Friday, September 21, 2012)

    The chief executive of Twitter, Dick Costolo, has said the company will continue to fight legal challenges brought against its users by officials who want access to their archived tweets. Costolo said Twitter found itself in an invidious position in the case of Malcolm Harris, an Occupy Wall Street protester whose tweets were sought by prosecutors in New York.

  • (The Huffington Post, Wednesday, September 19, 2012)

    Campaign strategists and pundits are always trying to predict the newest or most important political demographic groups. For a long time, it was seniors. That was followed by the dawn of the "soccer mom" and lately there has been a lot of talk about "NASCAR dads." But the strongest untapped political factor these days is rarely mentioned, despite representing a force central to the lives of nearly every American -- the Internet.

  • (Munk School of Global Affairs, Wednesday, September 19, 2012)

    The event brought together a diverse range of stakeholders from academia, government, the private sector and civil society. The aim of this conference was to help develop a richer understanding of stewardship of cyberspace. We wished to identify where accountability gaps exist, or where policy adjustments might be advocated, on the basis of real case studies and empirical evidence. The event was sponsored by Google, Microsoft, Afilias, and Internet Society, as well as supported by The John D. and Catherine T. MacArthur Foundation, the Government of Canada, and the SecDev Group.

  • (TNW, Wednesday, September 19, 2012)

    The US Senate today strongly indicated how unwilling it is to allow for United Nations (UN) control of the Internet. The Senate Foreign Relations Committee voted as one on a resolution in opposition to the idea. If this excercise sounds familiar, it should be. In early August the House, the lower chamber of the US Congress, voted and passed a resolution that, to quote the National Journal, “aimed at preventing any efforts to hand the United Nations more power to oversee the Internet.”

  • (Wired, Wednesday, September 19, 2012)

    Another lobbying group hit Washington, D.C. on Wednesday. But think again before you start screaming that it’s just another lobby representing the 1%. The Internet Association, backed by behemoths Amazon, Google, Facebook and others — 14 groups in all — is focused on internet freedom — something that’s easy in principle and hard when it comes to details.

  • (ACLU: Free Future, Tuesday, September 18, 2012)

    Smartphones can be a cop's best friend. They are packed with private information like emails, text messages, photos, and calling history. Unsurprisingly, law enforcement agencies now routinely seize and search phones. This occurs at traffic stops, during raids of a target's home or office, and during interrogations and stops at the U.S. border. These searches are frequently conducted without any court order.

  • (The Guardian, Friday, September 14, 2012)

    Twitter has relented in its fight with New York prosecutors to hand over three months worth of messages from an Occupy Wall Street protester ahead of the activist's criminal trial. Twitter had argued that the posts belong to Malcolm Harris and as such it would be violating fourth amendment privacy rights if it were to disclose the communications. But having lost a legal appeal against a subpoena, Twitter faced the prospect of steep fines if it did not comply with the judges order to turn over the tweets to the Manhattan district attorney's office.

  • (Wired, Wednesday, September 12, 2012)

    The House on Wednesday reauthorized for five years broad electronic eavesdropping powers that legalized and expanded the George W. Bush administration’s warrantless wiretapping program. The FISA Amendments Act, (.pdf) which is expiring at year’s end, allows the government to electronically eavesdrop on Americans’ phone calls and e-mails without a probable-cause warrant so long as one of the parties to the communication is believed outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”

  • (Public Knowledge, Monday, September 10, 2012)

    The Trans-Pacific Partnership Agreement ("TPP") is a free trade agreement currently being negotiated by nine countries: The United States, Australia, Brunei Darussalam, Chile, Malaysia, New Zealand, Peru, Singapore, and Vietnam. Although the TPP covers a wide range of issues, this site focuses on the TPP's intellectual property (IP) chapter. The TPP suffers from a serious lack of transparency, threatens to impose more stringent copyright without public input, and pressures foreign governments to adopt unbalanced laws.

  • (Tech President, Tuesday, September 4, 2012)

    As expected, Democrats this week released language for their 2012 party platform that expresses support for the concept of "Internet freedom." Yet while the party reached out to its tech constituency, it also sought to make clear to its deep-pocketed constituents in Southern California that "freedom" doesn't mean a free-for-all when it comes to respecting intellectual property rights online.

  • (The New York Times, Sunday, September 2, 2012)

    Alexander Macgillivray, Twitter’s chief lawyer, says that fighting for free speech is more than a good idea. He thinks it is a competitive advantage for his company. That conviction explains why he spends so much of Twitter’s time and money going toe to toe with officers and apparatchiks both here and abroad. Last week, his legal team was fighting a court order to extract an Occupy Wall Street protester’s Twitter posts.

  • (The Economist, Saturday, September 1, 2012)

    It took just 20 minutes to build, but Chris Soghoian’s hastily constructed website capable of generating fake airline boarding passes led to a rebuke from a congressman, a raid by the Federal Bureau of Investigation (FBI), an investigation by the Transport Security Administration (TSA), worldwide media coverage—and ultimate vindication. With a series of similar exploits that have exposed security flaws and privacy violations, he has demonstrated his ability to hack the media with just as much facility as he manipulates computers. 

  • (Personal Liberty Digest, Friday, August 31, 2012)

    There was a fight earlier this year about Internet freedom and privacy as Congress attempted to create legislation (SOPA, PIPA, CISPA, ACTA) that would give government more control over the Internet. When Internet companies and the public expressed disdain for such a measure, legislators backed down.

  • (The Washington Post, Wednesday, August 29, 2012)

    GOP adopts Internet freedom plank: Part of the platform the Republican party adopted Tuesday night included language to protect Internet freedom, something that lawmakers and interest groups on both sides of the aisle have been calling for in recent months.

  • (ABA Journal, Wednesday, August 29, 2012)

    Twitter is supporting Occupy Wall Street protester Malcolm Harris in an appeal that argues he has standing to challenge subpoenas issued by the Manhattan District Attorney’s office. Twitter legal counsel Ben Lee announced the appeal in a tweet, IDG News Service reports. “Twitter users own their tweets,” he wrote in another tweet. “They have a right to fight invalid government requests, and we continue to stand with them in that fight.”

  • (The Hill, Wednesday, August 22, 2012)

    A group of House Democrats is calling for the Democratic Party to stake out a position on Internet freedom in its party platform. In a letter sent Wednesday to Democratic National Committee (DNC) Chairwoman Rep. Debbie Wasserman Schultz (Fla.) and Executive Director Patrick Gaspard, the House lawmakers urged the DNC to state its commitment to Internet freedom principles in the party's platform for its upcoming convention in Charlotte, N.C. The letter was signed by Reps. Zoe Lofgren (D-Calif.), Anna Eshoo (D-Calif.), Doris Matsui (D-Calif.) and Jared Polis (D-Colo.), who also proposed draft language for the platform.  

  • (Mashable, Tuesday, August 21, 2012)

    California’s Senate on Tuesday unanimously approved legislation to bar colleges and universities from requiring students to provide administrators with access to their social media usernames and passwords. Governor Jerry Brown now must sign or veto the bill by Sept. 30. California is not the first state to pass legislation protecting social media privacy for students.

  • (Huffington Post Canada, Tuesday, August 21, 2012)

    Sometime in the next few weeks, Public Safety Minister Vic Toews is expected to be appointed to the Manitoba Court of Appeal. The Toews appointment is among the worst kept secrets in Ottawa, with the move causing a domino effect that will lead to a new minister and an opportunity for a fresh start on Internet surveillance legislation, one of the government's biggest political blunders to date.

  • (Change.org, Monday, August 20, 2012)

    Every day, Syrians are risking their lives to broadcast pictures and videos of the uprising -- but because of U.S. sanctions on Syria, they don't have access to essential technologies that would protect them from being spied on and tracked down by the Syrian government - often with the use of computer viruses. By easing current sanctions, the U.S. can help Syrian activists share information more safely.

  • (Harvard University Belfer Center, Friday, August 17, 2012)

    Harvard's Berkman Center for Internet & Society—with contributions from the Science, Technology, and Public Policy Program's Explorations in Cyber International Relations project—has developed a Cybersecurity Wiki that is designed to be a curated, comprehensive, evolving, and interactive collection of resources for researchers (not just legal researchers), technologists, policymakers, judges, students, and others interested in cybersecurity issues, broadly conceived. The general aim of the wiki is to collect in one place—and organize intelligently—important documents related to cybersecurity.

  • (The Netizen Project, Tuesday, August 14, 2012)

    A new documentary by Fault Lines on Al Jazeera English called “Controlling the Web” succinctly explains the connection between key issues in the struggle for digital liberties in the United States, including copyright, surveillance and cybersecurity. The documentary opens in early 2012 with the fight against two bills in the U.S. House of Representatives and Senate, the Stop Online Piracy Act (SOPA) and Protect Intellectual Property Act (PIPA) respectively. The battle, which pitted free expression and privacy activists against proponents of tougher copyright law, featured the largest online protest in U.S. history. 

  • (NJ.com, Monday, August 13, 2012)

    A city couple is suing the bloggers behind two Hoboken-centric websites and others, seeking more than $2 million in damage for dozens of blog posts and other online comments that the couple call "false and defamatory." Local activist Lane Bajardi and his wife, Kimberly Cardinal Bajardi, filed the suit in Hudson County Superior Court last month, claiming that various posts on the Grafix Avenger blog and elsewhere paint Lane Bajardi as an anti-semitic political operative and FBI informant who engages in tax evasion

  • (The Guardian, Monday, August 13, 2012)

    It sounds like something from the film Minority Report: a CCTV surveillance system that recognises people from their face or walk and analyses whether they might be about to commit a terrorist or criminal act. But Trapwire is real and, according to documents released online by WikiLeaks last week, is being used in a number of countries to try to monitor people and threats.

  • (Access, Monday, August 13, 2012)

    On August 10, 2012, Access submitted a public comment on the development of the joint strategic plan on intellectual property enforcement (IPEC). Some of the chief recommendations include ensuring independent and fact-based policy making, transparency and multistakeholderism, respecting the rule of law and to work with industry to adjust business models, making content more accessible and at reasonable prices, rather than focusing strictly on costly enforcement that would be to the detriment of human rights and the open internet. 

  • (The Guardian, Friday, August 10, 2012)

    Facebook has agreed to tighten its privacy policies after it settled a long-running dispute with the US Federal Trade Commission (FTC). The social network was accused by the regulator last year of introducing "unfair and deceptive" changes to its privacy policies in 2009, including settings that made users' confidential profile information public without their consent. Facebook also shared personal information including status updates, geographic location and marital status with advertisers and third-party applications without telling users, the FTC said.

  • (Media Activism, Tuesday, August 7, 2012)

    Various cybersecurity acts threaten constitutional freedoms. On March 27, HR 4263: SECURE IT Act of 2012 was introduced. Now in committee, no further action was taken. On April 26, the House passed HR 3523: Cyber Intelligence Sharing and Protection Act (CISPA) of 2011. On June 27, S. 3342: SECURE IT Act was introduced. Now in committee, no further action was taken. On July 19, S. 3414: Cybersecurity Act of 2012 was introduced in the Senate. On August 2, a Senate cloture vote failed. Voting 52 - 46, the bill fell eight votes short. Prior and current cybersecurity bills represent draconian threats to Internet and constitutional freedoms. Unless stopped, they'll be lost en route to destroying other legal protections.

  • (New York Times, Tuesday, August 7, 2012)

    Twitter officials have complied with a court order to turn over account information to help New York police investigators identify who threatened to carry out an attack like the Colorado movie theater shooting at a Broadway theater where Mike Tyson is appearing in a one-man show, the police said Tuesday. The compliance came three days after the social media company, based in California, denied an emergency request from the Police Department to provide the account holder’s registration information and computer network address.
     

  • (Wired, Tuesday, August 7, 2012)

    The federal government may spy on Americans’ communications without warrants and without fear of being sued, a federal appeals court ruled Tuesday in a decision reversing the first and only case that successfully challenged President George W. Bush’s once-secret Terrorist Surveillance Program. “This case effectively brings to an end the plaintiffs’ ongoing attempts to hold the executive branch responsible for intercepting telephone conversations without judicial authorization,” a three-judge panel of the 9th U.S. Circuit Court of Appeals wrote.

  • (Huffington Post, Monday, August 6, 2012)

    Despite warnings that hackers could shut down critical infrastructure with the click of a mouse, the Senate voted down landmark legislation on Thursday to protect the nation's vital computer networks from the rising threat of a cyberattack. The bill fell eight votes shy of the 60 votes needed to move past a Republican filibuster. Its defeat, coming just days before the Senate recess and months before the election, means that key national security legislation will likely not be addressed until next year.

  • (Journalism in the Americas, Thursday, August 2, 2012)

    YouTube is partnering with the Center for Investigative Reporting (CIR) to launch an investigative news channel called I Files, according to NDTV. This latest venture, launched Thursday, Aug. 2, comes just as a recent Pew Report shows that YouTube, known for its cute animal and music videos, has emerged as a major news source.

  • (Washington Post, Tuesday, July 24, 2012)

    The Senate is poised to take up comprehensive cybersecurity legislation as soon as this week, after years of discussion among lawmakers and a compromise that critics allege undercuts the effort to prevent a crippling cyberattack against the nation.

  • (New York Times, Sunday, July 22, 2012)

    The article about law enforcement’s extensive surveillance of cellphone use  ought to concern all Americans about the threat to our Fourth Amendment rights. According to information supplied by carriers, the police made more than 1.3 million requests, an astounding number, last year for text messages, cellphone location and other data.

  • (The Hill, Thursday, July 19, 2012)

    Senate Homeland Security Committee leaders Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine) introduced a revised version of their cybersecurity bill on Thursday. The revised bill proposes to establish a multi-agency council, called the National Cybersecurity Council, that would assess the risks and vulnerabilities found in computer systems of critical infrastructure. The council would be chaired by the Homeland Security Secretary and include members from the Pentagon, Department of Commerce, Justice Department, intelligence community and federal regulatory agencies that oversee critical infrastructure for specific sectors.

  • (National Journal, Tuesday, July 17, 2012)

    The Senate Finance Committee is set to take up legislation Wednesday that includes language targeting Russian efforts to censor the Internet. Sen. Ron Wyden, D-Ore., chairman of the Finance International Trade Subcommittee, has included language in a bill to grant Russia permanent normal trade relations with the United that would require the U.S. Trade Representative to conduct an annual report to identify any actions Russia has taken to restrict access to U.S. digital goods and services, such as barring access to a U.S. website like YouTube.

  • (New York Times, Sunday, July 8, 2012)

    In the first public accounting of its kind, cellphone carriers reported that they responded to a startling 1.3 million demands for subscriber information last year from law enforcement agencies seeking text messages, caller locations and other information in the course of investigations. The cellphone carriers’ reports, which come in response to a Congressional inquiry, document an explosion in cellphone surveillance in the last five years, with the companies turning over records thousands of times a day in response to police emergencies, court orders, law enforcement subpoenas and other requests.

  • (National Telecommunications and Information Administration, Monday, July 2, 2012)

    The U.S. Commerce Department's National Telecommunications and Information Administration (NTIA) announced today that it has awarded the Internet Assigned Numbers Authority (IANA) functions contract to the Internet Corporation for Assigned Names and Numbers (ICANN). The IANA functions are key technical services critical to the continued operations of the Internet's underlying address book, the Domain Name System (DNS).

  • (The Global and Mail, Saturday, June 30, 2012)

    Public Safety Canada has been in close consultation with telecommunication companies over the logistics of Ottawa's so-called Internet "snoop and spy" legislation – talks that dealt with who will shoulder the costs of pricey "intercept capabilities," and whether it will even be feasible to monitor user behaviour in an increasingly complex "cloud-computing" environment.

  • (Wired, Wednesday, June 27, 2012)

    The nation’s major mobile carriers have amassed a treasure trove of sensitive data on their customers that they share with police and advertisers — but keep hidden from the consumers themselves. The major carriers, AT&T, Sprint, T-Mobile and Verizon, store who you texted, the content of texts and locational tracking information such as cell-site data, which identifies the cell tower to which a customer was connected at the beginning of a call and at the end of the call. But, according to a survey by Pro Publica, the major carriers won’t disclose the data to their customers, for a host of reasons — nonsensical ones at best. But they will gladly hand it over to the authorities, even without warrants.

  • (New York Times, Tuesday, June 19, 2012)

    DO machines speak? If so, do they have a constitutional right to free speech? This may sound like a fanciful question, a matter of philosophy or science fiction. But it’s become a real issue with important consequences. In today’s world, we have delegated many of our daily decisions to computers. On the drive to work, a GPS device suggests the best route; at your desk, Microsoft Word guesses at your misspellings, and Facebook recommends new friends. In the past few years, the suggestion has been made that when computers make such choices they are “speaking,” and enjoy the protections of the First Amendment.

  • (Forbes, Sunday, June 17, 2012)

    The American government’s appetite for Google’s data is growing. In the second half of 2011, Google received 6,321 requests that it hand over its users’ private data to U.S. government agencies including law enforcement, and complied at least partially with those requests in 93% of cases, according to the latest update to the company’s bi-annual Transparency Report that it planned to release Sunday night. That’s up from 5,950 requests in the first half of 2011, and marks a 37% increase in the number of requests over the second half of 2010, when Google received only 4,601 government requests and complied to some degree with 94% of them.

  • (Reuters, Saturday, June 16, 2012)

    Executives were urged to join the fight to keep the Internet free from centralized control, ahead of a conference later this year where U.S. government officials fear countries will vote to give the United Nations more power over the Web. "Get your company involved. Work to get likeminded countries involved. What is at stake here is just that important," Assistant Secretary of Commerce Lawrence Strickling told the U.S. Chamber of Commerce's telecom committee on Friday. U.S. officials have expressed concerns that U.N. involvement could empower efforts by developing nations to tax large technology companies such as Google Inc and Facebook Inc.

  • (CNET, Friday, June 15, 2012)

    The FBI, DEA, and Royal Canadian Mounted Police say IPv6 may erode their ability to trace Internet addresses -- and warn new laws may be necessary if industry doesn't do more.

  • (Al Jazeera, Wednesday, June 13, 2012)

    State Department counter-propaganda has been met with accusations of hypocrisy in the wake of persecution of Anonymous.

  • (The Guardian, Wednesday, June 13, 2012)

    House oversight committee chairman and firebrand Obama administration critic Darrell Issa is touting his first draft of a Digital Bill of Rights for internet denizens, and he's asking for the public's input. Issa, who spent the better part of the winter rallying opposition against the Stop Online Piracy Act, is also fresh off launching his latest legislative crowdsourcing project, the OpenGov Foundation earlier this week at the Personal Democracy Forum. Now, he's inviting citizens "to help get this right" by inviting edits to the Digital Citizen's Bill of Rights.

  • (White House Briefing Room, Wednesday, June 13, 2012)

    Tomorrow, the President will sign an Executive Order to make broadband construction along Federal roadways and properties up to 90 percent cheaper and more efficient. Currently, the procedures for approving broadband infrastructure projects on properties controlled or managed by the Federal Government—including large tracts of land, roadways, and more than 10,000 buildings across the Nation—vary depending on which agency manages the property. The new Executive Order will ensure that agencies charged with managing Federal properties and roads take specific steps to adopt a uniform approach for allowing broadband carriers to build networks on and through those assets and speed the delivery of connectivity to communities, businesses, and schools.

  • (Canadian Public Administration, Tuesday, June 12, 2012)

    More than twenty-five years after its adoption, the Access to Information Act has become increasingly a cause for concern among public servants, experts, scientists and the media. This article reviews the evolution of the access-to-information regime since the 1980s, the issues that have arisen, the political significance of information in democracy, and the enduring tension between its democratic purpose and strategic value. The article also examines the issues of centralization, control and secrecy within the state apparatus despite continuing calls for transparency. Under Conservative governments since 2006, there has been increased control and conflict over disclosure of information, which have spread to a larger part of the state apparatus. Among those involved in conflicts over information with the Prime Minister's Office are members and officers of Parliament and parliamentary committees.

  • (Center for International Media Assistance, Monday, June 11, 2012)

    Over the past four years, digital media have been transforming both the premises and the practices of U.S. government funding in media development. While Congress is cutting back on foreign aid budgets, resources to launch new digital media programs continue to grow. Media development professionals agree that some aspect of digital technology is now embedded in virtually every government-funded media project. Many highly technical programs, such as those addressing Internet security and circumvention, have proliferated. At the same time, traditional media development programs, including some that stress creation of quality content, face new challenges.

  • (Reuters, Thursday, June 7, 2012)

    LinkedIn Corp is working with the FBI as the social network for job seekers and professionals investigates the theft of 6.4 million member passwords, the company said on Thursday. The company does not know of any accounts that were taken over as a result of the security violations, according to LinkedIn spokesman Hani Durzy.

  • (AFP, Friday, June 1, 2012)

    US officials, lawmakers and technology leaders voiced firm opposition Thursday to efforts to bring the Internet under UN control, saying it could hurt free expression and commerce. At a congressional hearing, the comments were united in opposition to place the Internet under the jurisdiction of the International Telecommunications Union, a United Nations agency which governs telecom systems.

  • (Washington Post, Wednesday, May 30, 2012)

    U.S. officials and high-tech business giants have launched an assault against what they view as a massive threat to the Internet and to Silicon Valley’s bottom lines: foreign governments. In a congressional hearing Thursday, they will warn lawmakers of a growing movement led by China, Russia and some Arab states to hand more control of the Web to the United Nations and place rules on the Internet that the U.S. companies say would empower governments to clamp down on civil rights and free speech.

  • (Foreign Affairs, Tuesday, May 22, 2012)

    Mike Rogers and Rebecca MacKinnon debate over protecting civil liberties online.

  • (Ars Technica, Wednesday, May 16, 2012)

    A March 2012 study from the Pew Internet and American Life Project found that two-thirds of Americans view a personalized search as a “bad thing,” with 73 percent of those surveyed saying that they were “not OK” with personalized searches on privacy grounds. Another recent poll of California voters recently reached similar results, as “78 percent of voters—including 71 percent of voters age 18-29—said the collection of personal information online is an invasion of privacy.”

  • (Huffington Post, Thursday, May 10, 2012)

    Sometimes it's called "information security." Other times, it's called "Internet management," or a "hate-free Internet." Whatever the code-name for it, too many foreign governments, including Syria, Iran and China, restrict Internet as a tool for suppressing free speech, free assembly and a free press. Though the United States has invested tens of millions of dollars in defending Internet freedom around the world in recent years -- including by equipping censored populations with technologies to evade digital repression -- we can and must do more to ensure Internet freedom remains a fundamental tenet of U.S. foreign policy.

  • (New York Times, Tuesday, May 8, 2012)

    Imagine a network of private highways that reserved a special lane for Fords to zip through, unencumbered by all the other brands of cars trundling along the clogged, shared lanes. Think of the prices Ford could charge. Think of what would happen to innovation when building the best car mattered less than cutting a deal with the highway’s owners.  A few years ago, Tim Wu, a professor at Columbia Law School and a leading thinker about the evolution of the “information economy,” warned members of the House judiciary committee that this could be the fate of the Internet. Companies offering broadband access, he said, should not be allowed to discriminate among services online. If they did, the best service would not always win the day.

  • (Mobile Active, Monday, May 7, 2012)

    Why, despite wide-spread use of mobile tech for social change around the world, has the U.S. social sector been so slow to adopt mobile technologies? What do funders need to understand to support grantees' efforts to harness the power of the mobile phone? What strategies can help service organizations realize the potential of mobiles? Since phones are ubiquitous for most demographics but particularly so for young people and communities of color who use phones more intensively, this is becoming a critical question for the social sector in the US.

  • (Office of Science and Technology Policy, Wednesday, May 2, 2012)

    Central to the Internet’s value as a platform for innovation, democracy, access to information and scientific progress are the technical standards on which it is built and the open manner in which it is governed. Yet, there are governments that seek to alter the fundamental way the Internet functions. Several governments recently called for new treaty provisions to assert centralized control over the Internet’s operations instead of relying on the voluntary, consensus-based processes that gave us the Internet we enjoy today.

  • (CNET, Friday, April 27, 2012)

    The U.S. House of Representatives approved the Cyber Intelligence Sharing and Protection Act, or CISPA, rejecting increasingly vocal arguments from critics that it would do more to endanger Americans' privacy than aid cybersecurity. By a vote of 248 to 168, a bipartisan majority approved CIPSA, which would permit Internet companies to hand over confidential customer records and communications to the National Security Agency and other portions of the U.S. government.

  • (Forbes, Wednesday, April 25, 2012)

    Internet users and activists have been raising alarm bells over “cybersecurity” legislation pending in Congress. That’s because some lawmakers declared this week to be “cyber week,” promising votes on four different security-related bills. The most prominent and most controversial of these proposed law is the Cyber Intelligence Sharing and Protection Act, or CISPA.

  • (Associated Press, Wednesday, April 25, 2012)

    Under pressure to stop the Syrian government's deadly crackdown, President Barack Obama on Monday levied new sanctions on people and entities in Syria and Iran that use technology to target their citizens and perpetrate human rights abuses.

  • (The Guardian, Tuesday, April 24, 2012)

    A senior State Department official has stressed the Obama administration's opposition to a controversial cybersecurity bill ahead of a vote in the House of Representatives later this week. The Cyber Intelligence Sharing and Protection Act (Cispa) is intended to facilitate sharing of information on online threats across different federal agencies and private companies. It has been criticised by both activists and politicians of both Democrats and Republicans for vague wording and insufficient safeguards.

  • (Foreign Policy, Tuesday, April 24, 2012)

    President Obama is on the right track with Monday's executive order, but the United States needs to get tougher on the global digital arms race.