_______ _______ _______
(_______)(_______)(_______) _
_____ _____ _____ _____ ____ _| |_ ___ ____
___) | ___) | ___)| ___ | / ___)(_ _)/ _ \ / ___)
>_____ | | | | | ____|( (___ | |_| |_| || |
_______)|_| |_| |_____) \____) \__)\___/ |_|
EFFector Vol. 31, No. 9 Friday, June 8, 2018 editor@eff.org
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
effector: n, Computer Sci. A device for producing a
desired change.
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
In our 735th issue:
* Who Has Your Back? Censorship Edition 2018
Given policymakers' and the public's intense focus on cracking down on speech
they consider undesirable, this year's Who Has Your Back report features
substantially redesigned categories and criteria. Since the Electronic
Frontier Foundation began publishing Who Has Your Back in 2011, it has
generally focused on the practices of major consumer-facing Internet
companies regarding government requests to produce user data. This year, we
shift our focus to companies' responses to government requests to take down
user content and suspend user accounts.
For our 2018 report, we assess companies' policies against five all-new
criteria:
* Transparency in reporting government takedown requests based on legal
requests
* Transparency in reporting government takedown requests based on requests
alleging platform policy violations
* Providing meaningful notice to users of every content takedown and account
suspension
* Providing users with an appeals process to dispute takedowns and
suspensions
* Limiting the geographic scope of takedowns when possible
Three platforms—the Apple App Store, Google Play Store, and
YouTube—earned stars in all five of these categories. And three
more—Medium, Reddit, and WordPress.com—earned stars in all but the notice
category, which proved the most challenging category for the companies we
assessed. Some companies fell notably short overall; Facebook's and
Instagram's policies in particular lagged behind comparable tech companies
and social networks. However, it's clear that public pressure is resulting in
real change in corporate policy and practice. We look forward to more
long-term improvements across the industry in future years as companies take
steps to be more accountable to their users and those users' right to freedom
of expression.
Read more: https://www.eff.org/who-has-your-back-2018
* EFF and 23 Civil Liberties Organizations Demand Transparency on NSA Domestic Phone Record Surveillance
Two dozen civil liberties organizations, including EFF and the ACLU, have
urged Director of National Intelligence Daniel Coats to report—as required
by law—statistics that could help clear up just how many individuals are
burdened by broad NSA surveillance of domestic telephone records. These
records show who is calling whom and when, but not the content of the calls.
These numbers are crucial to understanding how the NSA conducts this highly
sensitive surveillance under Section 215 of the Patriot Act, as amended by
the USA Freedom Act of 2015. Under the earlier version of this surveillance
program, the NSA collected details of nearly every single American's phone
calls. With the NSA’s domestic phone record surveillance powers scheduled
to expire in 2019, Congress and the public deserve to know the truth before
any legislative attempts to reauthorize the program.
Despite this, the Office of the Director of National Intelligence (ODNI) has
failed to report these statistics in its past three annual transparency
reports.
The civil liberties groups also signed a letter to Reps. Bob Goodlatte (R-VA)
and Jerry Nadler (D-NY), the Chair and Ranking Member of the House Judiciary
Committee, warning about the NSA’s continued failure to comply with the law
mandating disclosure of this data.
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
EFF Updates
* Email Privacy Act Comes Back, Hopefully to Stay
The House of Representatives passed a bill this week called the National
Defense Authorization Act (NDAA), which authorizes the nation’s military
and defense programs. Earlier in the week, scores of Representatives offered
amendments to this must-pass bill in hopes of ensuring that their ideas get a
chance to become law.
Rep. Kevin Yoder (R-KS) used this opportunity to include as an amendment the
Email Privacy Act, a piece of legislation long-favored by EFF. The Email
Privacy Act would codify the rule announced by the Sixth Circuit—and now
followed by providers nationwide—that requires government agents to first
obtain a probable cause warrant when seeking the content of communications
stored by companies like Google, Facebook, Slack, Dropbox, and Microsoft.
On Thursday night, the House approved the NDAA—including the amendment with
the Email Privacy Act—in a 351-66 vote. We applaud the House’s inclusion
of this important statutory language.
https://www.eff.org/deeplinks/2018/05/email-privacy-act-comes-back-hopefully-stay
* What to Watch for in an Internet Without Net Neutrality (And How To Stop It)
On Monday, June 11, the FCC's rollback of net neutrality rules went into
effect, but don't expect the Internet to change overnight.
You can look forward to an Internet that's slower when you're trying to visit
less popular sites, and where online services get a bit more expensive
because they have to pay protection money to the ISPs. It will be harder for
new companies to come in and compete with the ones that paid for fast lanes,
and the nonprofit information resources on the web will be harder to use.
It's not going to be a flashy apocalypse; it will be a slow decline into the
Internet of ISP gatekeeping, and you probably won't even know what neat
services and helpful resources you're missing. And one day, when the ISPs are
secure in their victory, they'll test the waters and see if you'll pay extra
to access anything that's not Facebook, or Comcast's video platform, or
AT&T's paying partners.
* It’s Time for Payment Processors Like Stripe and Paypal to Start Publishing Transparency Reports
Modern payment processors are making hard choices every day about how and
when they’ll stand up for users. Whether they comply with or reject a
government request for user data and whether they shut down an account or
leave it up can have enormous ramifications for what types of speech can
thrive online. These choices shouldn’t be made in a bubble, shielded from
public oversight.
Payment processors like Stripe, Paypal, Bitpay, and Coinbase are the
intermediaries that allow you to support your favorite websites, send
donations, and make purchases online. They’re often privy to details of
your financial life, which can be deeply revealing. Given how sensitive this
information is, you might assume that law enforcement agents must show
probable cause to a judge and receive a search warrant before accessing
financial records. But you’d be wrong. Financial data is frequently
obtained through a less stringent process, such as a subpoena, a 314 (a)
request, or a National Security Letter, none of which require review from a
judge before being sent to the financial service provider.
The first, simplest, most modest and reasonable step to shine a light on
government action is a transparency report on the government requests for
user data and account shutdowns, which has become standard practice across
other industries where companies hold sensitive data.
* The EU's Copyright Proposal is Extremely Bad News for Everyone, Even (Especially!) Wikipedia
The pending update to the EU Copyright Directive is coming up for a committee
vote on June 20 or 21 and a parliamentary vote either in early July or late
September. While the directive fixes some longstanding problems with EU
rules, it creates much, much larger ones: problems so big that they threaten
to wreck the Internet itself.
Under Article 13 of the proposal, sites that allow users to post text,
sounds, code, still or moving images, or other copyrighted works for public
consumption will have to filter all their users' submissions against a
database of copyrighted works. Sites will have to pay to license the
technology to match submissions to the database, and to identify near matches
as well as exact ones. Sites will be required to have a process to allow
rightsholders to update this list with more copyrighted works.
Even under the best of circumstances, this presents huge problems. Algorithms
that do content-matching are frankly terrible at it. The Made-in-the-USA
version of this is YouTube's Content ID system, which improperly flags
legitimate works all the time, but still gets flack from entertainment
companies for not doing more.
* A Constitutional Conundrum That’s Not Going Away—Unequal Access to Social Media Posts
Among the many privacy challenges posed by social media, one has flown
largely under the radar: balancing defendants’ due process rights to access
exculpatory information against the crucial privacy protections of the Stored
Communications Act (SCA). Here’s the problem: prosecutors have broad powers
to demand access to stored communications as necessary to pursue their case,
but defendants do not. That means the scales are tipped in favor of
prosecutors, which seem unfair. But a more balanced approach would likely
require eroding privacy protections – protections that are more necessary
than ever.
There does not seem to be an easy answer to this constitutional conundrum.
While the imbalance of power between the prosecution and the defense in
access to available electronic evidence is unfair, we should not seek to
correct it by sacrificing hard-won privacy protections. We need to get this
issue right, and that starts with giving it more visibility and debating
solutions.
* Author Trademarks the Word 'Cocky,' Earns the Ire of Romance Writers Everywhere
Bogus copyright and trademark complaints have threatened all kinds of
creative expression on the Internet. EFF's Hall Of Shame collects the worst
of the worst. New to the Hall Of Shame is the tale of a romance author who
got a trademark in the word "cocky" and proceeded to send letters to other
writers with "cocky" in the titles of their books. Unsurprisingly, this
attack on a popular double entendre of the romance set did not go over well
at all.
https://www.eff.org/takedowns/author-trademarks-cocky-earns-ire-romance-writers-everywhere
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
Announcements
* Cryptoparty Hosted by Cypurr
Being able to communicate safely and privately with friends and family is
part of the foundation of all our lives, so it's also a key skill for using
the Internet. This month's cryptoparty will go over easy ways to talk, chat,
and email securely online. It's always good to review the tools and habits
that our digital security depend on, especially with the recent Signal
Desktop flaws and the e-Fail email exploits.
https://www.eff.org/event/cryptoparty-hosted-cypurr-5
* Discussion Hosted by TA3M Portland
This month, learn what Senator Ron Wyden and his team are doing to protect
your privacy! Grace Stratton from Sen. Wyden's local office will be at the
meeting, and Chris Soghoian from the D.C. office will join us remotely to
discuss surveillance, cybersecurity, and consumer privacy.
https://www.eff.org/event/discussion-hosted-ta3m-portland-6
* Cypurr Social
Join The CyPurr Collective for another SUPER FUN SOCIAL. Hang out, meet other
tech-minded folks, ask questions on cybersecurity issues, and generally snack
out and enjoy the feature presentation!
This month we'll be watching Wall-E, with an Adventure Time short to start
off the night!
https://www.eff.org/event/cypurr-social
* hack.summit(“blockchain”)
EFF has been selected as one of the exclusive non-profit partners of
hack.summit() which made history for running the largest virtual developer
conference of all time. As a non-profit partner, we will be receiving funds
generated by ticket sales & sponsorships from the event. This year’s event,
hack.summit(“blockchain”), focuses on spreading and democratizing
knowledge about blockchain and cryptocurrencies to attendees around the
world.
https://www.eff.org/event/hacksummitblockchain
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
Job Openings
* Staff Technologist – JavaScript Developer
EFF is seeking a full-time Staff Technologist to work with our Browser
Extensions team as the lead developer for [1]HTTPS Everywhere [2].
[1] https://www.eff.org/https-everywhere
[2] https://www.eff.org/https-everywhere
https://www.eff.org/opportunities/jobs/staff-technologist-javascript-developer
* Civil Liberties Staff Attorney
EFF is looking to hire an experienced litigator with an unshakeable sense of
justice and Fourth Amendment expertise to join our civil liberties team.
https://www.eff.org/opportunities/jobs/civil-liberties-staff-attorney
* Grant Writer - Temporary
EFF is looking for a temporary Grant Writer to support EFF's fundraising
operations during a team member’s leave of absence. Do you love Internet
freedom? Do you have experience in persuasive writing and grant management?
Consider joining us!
https://www.eff.org/opportunities/jobs/grant-writer-temporary
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
MiniLinks
- UAE Jails Rights Activist Ahmed Mansoor Over Social Media Posts
Ahmed Mansoor, the blogger and human rights activist, has been sentenced in
the UAE to 10 years imprisonment, simply for writing criticism of the
government on social media. (DW)
http://www.dw.com/en/uae-jails-rights-activist-ahmed-mansoor-over-social-media-posts/a-44013727
- Google Plans Not to Renew Its Contract for Project Maven, a Controversial Pentagon Drone AI Imaging Program
In a big win for ethical AI principles, Google will back away from military
AI contracting. (Gizmodo)
https://gizmodo.com/google-plans-not-to-renew-its-contract-for-project-mave-1826488620
- Digital License Plates Roll Out In California
With digital license plate location data, "it's still not clear where all
this information is going, how long it's stored or who has access to it."
(NPR)
- Edward Snowden: 'The People Are Still Powerless, But Now They're Aware'
In 2013, many thought encryption was just "for the targeted and the
paranoid," says EFF's Jillian York. Then Edward Snowden came on the scene.
(The Guardian)
https://www.theguardian.com/us-news/2018/jun/04/edward-snowden-people-still-powerless-but-aware
- Facebook Gave Device Makers Deep Access to Data on Users and Friends
Right now, it's unclear how much Facebook user data was shared through deals
with hardware manufacturers—but it is clear that Facebook has a consent
problem. (The New York Times)
- The NSA Just Released 136 Historical Propaganda Posters
The NSA has released 136 Mad Men-era posters that reminded employees of the
importance of security—and the dangers of leaking. Apparently, some things
never go out of style. (Motherboard)
https://motherboard.vice.com/en_us/article/43548d/nsa-historical-propaganda-posters-foia
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
-------- SUPPORTED BY DONORS