_______ _______ _______ (_______)(_______)(_______) _ _____ _____ _____ _____ ____ _| |_ ___ ____ | ___) | ___) | ___)| ___ | / ___)(_ _)/ _ \ / ___) | |_____ | | | | | ____|( (___ | |_| |_| || | |_______)|_| |_| |_____) ____) __)___/ |_|
EFFector Vol. 31, No. 7 Monday, May 7, 2018 editor@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
effector: n, Computer Sci. A device for producing a desired change.
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
In our 733rd issue:
* Red Alert: Tell Congress to Use the Congressional Review Act to Restore the Open Internet Order In December, the FCC voted to end the 2015 Open Internet Order, which prevented Internet service providers (ISPs) like AT&T and Comcast from violating net neutrality principles. A simple majority vote in Congress can keep the FCC’s decision from going into effect. From now until the Senate votes, EFF, along with a coalition of organizations, companies, and websites, is on red alert and calling on you to tell Congress to vote to restore the Open Internet Order.
Read more: https://www.eff.org/deeplinks/2018/05/red-alert-net-neutralirty-tell-congres...
* Bring in the Nerds: EFF Introduces Actual Encryption Experts to U.S. Senate Staff On May 3, in the U.S. Capitol Visitor Center, EFF convened a closed-door briefing for Senate staff about the realities of device encryption. While policymakers hear frequently from the FBI and the Department of Justice about the dangers of encryption and the so-called Going Dark problem, they very rarely hear from actual engineers, cryptographers, and computer scientists. EFF's panelists included Dr. Matt Blaze, professor of computer science at the University of Pennsylvania, Dr. Susan Landau, professor of cybersecurity and policy at Tufts University; Erik Neuenschwander, Apple’s manager of user privacy; and EFF’s tech policy director Dr. Jeremy Gillula.
The discussion focused on renewed calls by the FBI and DOJ to create mechanisms to enable “exceptional access” to encrypted devices. Our goal was to give a technical description of how device encryption actually works and answer staff questions about the risks that exceptional access mechanisms necessarily introduce into the ecosystem. EFF's Gillula went last and concluded that in the cat-and-mouse game that is computer security, mandating exceptional access would freeze the defenders’ state of the art, while allowing attackers to progress without limit.
Read more: https://www.eff.org/deeplinks/2018/05/bring-nerds-eff-introduces-actual-encr...
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
EFF Updates
* A Tale of Two Poorly Designed Cross-Border Data Access Regimes Recently, the European Commission published two legislative proposals that could further cement an unfortunate trend towards privacy erosion in cross-border state investigations. Building on a foundation first established by the recently enacted U.S. CLOUD Act, these proposals compel tech companies and service providers to ignore critical privacy obligations in order to facilitate easy access when facing data requests from foreign governments. These initiatives collectively signal the increasing willingness of states to sacrifice privacy as a way of addressing pragmatic challenges in cross-border access that could be better solved with more training and streamlined processes.
https://www.eff.org/deeplinks/2018/04/tale-two-poorly-designed-cross-border-...
* Math Can’t Solve Everything: Questions We Need To Be Asking Before Deciding an Algorithm is the Answer Before rushing to employ algorithms to make decisions, companies should begin by asking five questions:
1) Will this algorithm influence—or serve as the basis of—decisions with the potential to negatively impact people’s lives? 2) Can the available data actually lead to a good outcome? 3) Is the algorithm fair? 4) How will the results (really) be used by humans? 5) Will people affected by these decisions have any influence over the system?
https://www.eff.org/deeplinks/2018/05/math-cant-solve-everything-questions-w...
* Why Am I Getting All These Terms of Service Update Emails? Europe's General Data Protection Regulation (GDPR) comes into force on May 25th, and most companies that have users in Europe are scrambling to update their privacy policies and terms of service to avoid breaking this new EU law. It's still an open question whether the rules apply to users living outside the EU, but the changes involve refinements in terminology, how companies need to get permission to use data, and changes in user ability to look at the data itself, change it, and take it with them when they leave.
https://www.eff.org/deeplinks/2018/05/why-am-i-getting-all-these-terms-servi...
* The Big Lie ISPs Are Spreading in State Legislatures Is That They Don’t Make Enough Money ISPs claim that the net neutrality principle banning paid prioritization—where an ISP charges websites and applications new fees and relegate those that do not pay to the slow lane—means that they cannot make enough money to upgrade and extend their service. We know this isn't true because the majority of costs for ISPs are in the initial building of their networks, which they have already recouped. And we've recently seen new ISPs build high-speed Internet networks turn a profit relatively quickly while adhering to net neutrality.
https://www.eff.org/deeplinks/2018/05/big-lie-isps-are-spreading-state-legis...
* Mashup Maker: Another Entry for the Catalog of Missing Devices From an EFF Supporter Section 1201 of the Digital Millennium Copyright Act makes tampering with "Digital Rights Management" a legal no-go zone. This scares off inventors and tinkerers from building new tools that should be perfectly legal. EFF details examples of these non-existent technologies in the Catalogue of Missing Devices. EFF supporter Benjamin McLean offered up his "Mashup Maker" as an example. This program would have ripped tracks legally acquired and imported them into a personal library with a built-in editor, making it easier for people to make fair use of these tracks.
https://www.eff.org/deeplinks/2018/05/mashup-maker-another-entry-catalog-mis...
* There is No Middle Ground on Encryption Government officials are once again insisting that they still need to compromise our security via a backdoor for law enforcement. Opponents of encryption imagine that there is a “middle ground” approach that allows for strong encryption but with “exceptional access” for law enforcement. Government officials claim that technology companies are creating a world where people can commit crimes without fear of detection.
Despite this renewed rhetoric, most experts continue to agree that exceptional access, no matter how you implement it, weakens security. The terminology might have changed, but the essential question has not: should technology companies be forced to develop a system that inherently harms their users? The answer hasn’t changed either: no.
https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
Announcements
* Certbot Hackathon in Cleveland, OH Are you coming to PyCon? Join our development sprint to help improve Certbot, the easy-to-use client that fetches and deploys SSL/TLS certificates from Let's Encrypt.
https://www.eff.org/event/pycon-certbot-development-sprint
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
Job Openings
* Member Outreach Assistant We're looking for an energetic Member Outreach Assistant to support EFF's fundraising operations and help build relationships with our growing community.
https://www.eff.org/opportunities/jobs/member-outreach-assistant
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
MiniLinks
- License Plate Surveillance Prompts New Concerns About Your Privacy Unrestrained, unmonitored sharing of data collected by automated license plate readers is a threat to privacy and public safety. (NBC San Diego)
https://www.nbcsandiego.com/news/local/License-Plate-Surveillance-Prompts-Ne...
- Technology turns our cities into spies for ICE, whether we like it or not Local law enforcement and other city agencies have been deploying spy technology that's "hurtling toward us so fast that privacy laws can't keep up." We need to fight back. (LA Times)
http://www.latimes.com/opinion/op-ed/la-oe-farivar-surveillance-tech-2018050...
- Once Again, Activists Must Beg the Government to Preserve the Right to Repair This year's "excruciating DMCA section 1201 exemption process" threatens the right to repair tractors, cars, and electronics is at stake. (Motherboard)
https://motherboard.vice.com/en_us/article/mbxzyv/dmca-1201-exemptions
- ISPs should charge for fast lanes—just like TSA Precheck, GOP lawmaker says In a way, Representative Marsha Blackburn is right that paid prioritization is like TSA Precheck. In that everyone else is stuck in a slow lane while those with money get to breeze past them. (Ars Technica)
https://arstechnica.com/tech-policy/2018/04/isps-should-charge-for-fast-lane...
- As the Number of Driverless Cars Increase, So Does the Need for Car Maker Transparency Self-driving car companies may not want to share accident data out of fear it will help competitors to progress faster. But the trade-off is a higher level of safety—and its a trade-off we should demand they make. (Los Angeles)
http://www.latimes.com/business/autos/la-fi-hy-driverless-data-20180430-stor...
- Halifax police won't charge teen arrested in Nova Scotia privacy breach Excellent news: Canadian police have dropped computer hacking charges against a 19-year-old who downloaded openly available information from a public records website. (CBC)
http://www.cbc.ca/news/canada/nova-scotia/police-drop-charges-in-nova-scotia...
- Oakland to require public approval of surveillance tech We must assure that there is transparency when cities allow police to acquire or use surveillance technology. On May 1, Oakland City Council voted in support of an important proposed Surveillance and Community Safety Ordinance to do just that. (East Bay Times)
https://www.eastbaytimes.com/2018/05/02/oakland-to-require-public-approval-o...
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
-------- SUPPORTED BY DONORS -------------------------------------------------
Our members make it possible for EFF to bring legal and technological expertise into crucial battles about online rights. Whether defending free speech online or challenging unconstitutional surveillance, your participation makes a difference. Every donation gives technology users who value freedom online a stronger voice and more formidable advocate.
If you aren't already, please consider becoming an EFF member today.
https://supporters.eff.org/join/effector
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Administrivia
Editor: Katharine Trendacosta, Policy Analyst editor@eff.org
EFFector is published by: The Electronic Frontier Foundation https://www.eff.org/
Membership & donation queries: membership@eff.org
General EFF, legal, policy, or online resources queries: info@eff.org
Reproduction of this publication in electronic media is encouraged. MiniLinks do not necessarily represent the views of EFF.
Back issues of EFFector are available via the Web at: https://www.eff.org/effector/
Unsubscribe from future mailings or change your email preferences: https://supporters.eff.org/update-your-preferences?cid1=2061725&cs=fe822...
Opt out of all EFF email: https://supporters.eff.org/civicrm/mailing/optout?reset=1&jid=58646&...
815 Eddy Street San Francisco, CA 94109-7701 United States