Verizon advertising partner Turn has been caught using Verizon Wireless’s UIDH tracking header to resurrect deleted tracking cookies and share them with dozens of major websites and ad networks, forming a vast web of non-consensual online tracking. Explosive research from Stanford security expert Jonathan Mayer shows that, as we warned in November, Verizon’s UIDH header is being used as an undeletable perma-cookie that makes it impossible for customers to meaningfully control their online privacy. Hold Verizon accountablefor violating users’ privacy <!—->Mayer’s research, described in ProPublica, shows that advertising network and Verizon partner Turn is using the UIDH header value to…
Author: EFFSource
Senators are now working around the clock to re-introduce a bill that would put trade agreements on the fast track to passage in the US after those deals are finalized. Deals like the Trans-Pacific Partnership (TPP) and the Trans-Atlantic Trade and Investment Partnership (TTIP) have been negotiated in almost complete secrecy, except for private industry advocates serving on trade advisory committees who can read and comment on these texts. That has enabled these agreements to include extreme copyright and other digital policy provisions that would bind all signatory nations to draconian rules that would hinder free speech, privacy, and access…
The Federal Election Commission (FEC) is considering amping up its regulation of online political speech—an idea that should be rejected from the get-go. Back in 2006, the FEC adopted a limited approach to regulating the Internet. Some FEC commissioners feel that its approach has grown outdated. But increased regulation of the Internet would threaten both free speech and privacy. We have the opportunity to nip any new Internet regulations in the bud by convincing the FEC to maintain its commitment to protecting individuals’ online speech. The FEC is accepting comments on whether or not to develop new Internet rules. EFF…
PEN America published a report this week summarizing the findings from a recent survey of 772 writers around the world on questions of surveillance and self-censorship. The report, entitled “Global Chilling: The Impact of Mass Surveillance on International Writers,” builds upon a late 2013 survey of more than 500 US-based writers conducted by the organization. The latest survey found that writers living in liberal democratic countries “have begun to engage in self-censorship at levels approaching those seen in non-democratic countries, indicating that mass surveillance has badly shaken writers’ faith that democratic governments will respect their rights to privacy and freedom…
Normally when you buy a product that has a hidden defect, consumer protection law in your state or country comes to the rescue. For example, if you purchase a product—say, a book—it comes with an implicit promise that it will be fit for the ordinary purposes that books are used for, such as allowing you to read it, quote from it, lend it to others, summarize it on your blog, and donate or recycle it when you’re done. If the book can’t be used in these common-sense ways, and you weren’t warned about that before handing over your money, consumer…
Today we launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to our action center quickly and easily, using a variety of mobile devices. Sadly, though, we had to leave out Apple devices and the folks who use them. Why? Because we could not agree to the outrageous terms in Apple’s Developer Agreement and Apple’s DRM requirements. As we have been saying for years now, the Developer Agreement is bad for developers and users alike. Here are a few of the terms…
This past year, EFF has been on the road, traveling from country to country across Latin America to share our message of freedom to local partners and friends. While we enjoyed the opportunity to talk about our lawsuits against the NSA, as well as the dangers of location tracking and biometric data collection practices, the best part of the trip was learning about all the inspiring advocacy happening everyday on the local level. We first stopped in Mexico, where we met local advocates and security researchers who courageously fought against the country’s newest data retention law. (For those who are…
DNA can reveal an extraordinary amount of private information about you, including familial relationships, medical history, predisposition for disease, and possibly even behavioral tendencies and sexual orientation. While DNA testing in a criminal context has some benefits—such as supporting innocence claims—the mass, suspicionless collection, testing, and storing of genetic material from large populations creates a danger for privacy that only grows with each new scientific discovery in the field of genomics. In this post, EFF Senior Staff Attorney Jennifer Lynch discusses state and federal cases that addressed DNA collection in 2014, following the Supreme Court’s landmark ruling in Maryland v. King.…
EFF was suing the NSA before it was cool. We filed our first lawsuit against the NSA for mass spying in 2008, after the NSA butted into our lawsuit against AT&T for helping the NSA do mass spying. We’ve also been doing Freedom of Information lawsuits trying to ensure you know what the NSA is up to for many years before that. But when it comes to fighting unconstitutional spying, the more the merrier. And 2014 was awfully merry: litigation challenging NSA surveillance moved forward in multiple cases, giving the government plenty of time to demonstrate exactly how outrageous its…
A draft of the Trans-Pacific Partnership’s (TPP) Intellectual Property chapter from May 2014 leaked this past fall, confirming what previous leaks had suggested: this so-called trade agreement would bring copyright enforcement provisions that threaten users’ right to free expression, privacy, and unfettered access to knowledge online. This leaked text also revealed new terms on the misuse of trade secrets. These are dangerously vague and could be used to enact harsh criminal punishments against anyone who reveals or even accesses information through an allegedly confidential “computer system.” This language could have alarming consequences if it obligates nations to enact new laws…
Three major vulnerabilities rocked the world of Internet security this year, including two high-profile bugs that jeopardized the security of HTTPS encryption itself. These vulnerabilities may have each cost sysadmins around the world some sleepless nights, but they also reinforced the idea that best security practices can protect users even where the software has bugs. Heartbleed: In April, two teams of researchers disclosed an issue with the way the popular OpenSSL software implemented an extension called a “heartbeat.” Normally, a heartbeat allows you to make sure a server is still online, by asking it to respond at a regular interval.…
EFF submitted an amicus letter to the California Supreme Court urging the justices to review a case that has significant implications for the free speech rights of anonymous online speakers under California law. EFF wrote the amicus letter in support of an anonymous defendant (Doe 1) who created a website to bring to light what he (or she) believes are abuses being perpetrated against the local Maasai population in Tanzania by a safari company. The company sued the defendant in California for defamation because he used the California-based Weebly web hosting service. Doe 1 filed and lost an anti-SLAPP motion…
It’s been a mixed year for open access but we’ve seen some real victories and a steady march toward a comprehensive federal open access policy. We entered January with a bad taste still in our mouth: the previous month, the academic publisher Reed Elsevier sent thousands of copyright takedown notices to researchers, universities, and scholarly startups that were all hosting the researchers’ own works. In doing so, the lumbering giant alienated a significant swath of its readership—who also happen to be its content providers. In the middle of the year, we heard about Colombian master’s student Diego Gomez, who had…
What if there were one thing we could do today to make it harder for the NSA and other intelligence agencies to eavesdrop on millions of people’s email communications, without users having to change their habits at all? There is. It’s called STARTTLS for email, a standard for encrypting email communications. 2014 saw more and more email providers implementing it. STARTTLS for email is described as server-to-server encryption, because it protects your email from eavesdroppers on the Internet, but not from your email provider, who runs the servers that send and receive your email. Server-to-server encryption is contrasted with end-to-end…
Back in January, Congress held a hearing on the state of fair use, as part of a year-long review of all things copyright that, in 2015, may lead to real legislative proposals. Among the witnesses was Professor Peter Jaszi, who had good news for the Committee: “[F]air use is working!” Meaning that, on balance, the fair use doctrine is doing its job: helping to ensure that copyright promotes, rather than impedes, creativity and innovation. Several legal decisions this year suggest he is right. In June, for example, the Second Circuit Court of Appeals held that fair use sheltered book digitization,…
After a banner year for shedding light on the NSA’s secret surveillance programs in 2013, the pace of disclosures in 2014—both from whistleblowers and through Freedom of Information Act (FOIA) lawsuits—slowed significantly. But that’s not because all the secrets of NSA surveillance have been revealed. In fact, some of the most significant information about the NSA’s surveillance programs still remain secret. Despite one of the most significant leaks in American history and despite a promise to declassify as much information as possible about the programs, nearly two years later the government still refuses to provide the public with the information…
In the midst of the global surveillance debate, talk of online censorship has often taken a backseat. Yet, all around the world, the inalienable right to freedom of expression is violated on a regular basis. While in 2014, issues such as terrorism and online harassment generated new discussions of speech rights, censorship of political and religious speech—as well as “obscenity” and content deemed a risk to “national security”—remains all too common. A recent Guardian editorial declared online freedom to be “under attack” all around the world. Citing examples from serial offenders China and Russia, the authors state that “repressive techniques…
Last year, EFF took a huge step toward eliminating a highly problematic government surveillance tool—national security letters (NSLs). EFF clients won a major victory when a district court found that the NSL gag provision, which allows the government to bar recipients from speaking about NSLs without judicial review, is a prior restraint on speech in violation of the First Amendment. 2014 was a year of critical next steps and increasing attention for these often overlooked—but heavily used (and sometimes abused)—tools. On October 8, 2014, the United States Court of Appeals for the Ninth Circuit heard oral argument in the government’s…
Copyright law remains just as broken in 2014 as it was in 2013, but some countries have been tinkering around the edges of copyright this year in an attempt to address its flaws. The United Kingdom stands out as a country where the need for copyright reform has been comprehensively studied over the past decade, and where a number of key recommendations of the most recent study—for once—were not shelved, but actually found their way into the law books. These included provisions facilitating the use of copyright works by students, researchers, teachers, libraries and the disabled. The rest of Europe…
At the close of 2013, we made a wish for the upcoming year: With revelations of the NSA’s unlawful and unjust data interception programs snooping on much of the critical infrastructure of the Internet still fresh in our minds, one of our big holiday wishes was for 2014 to be the year of web encryption. And as a part of this effort we built the Encrypt the Web Report: a way to keep track of how well web companies and services are doing to encrypt their traffic. As we look at the year behind us, we’re happy to report that…