Difference between revisions of "Electronic Frontier Foundation: Annual update"
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | |||
=The EFF= | =The EFF= | ||
Line 68: | Line 67: | ||
- [US vs. Carpenter](https://www.eff.org/document/united-states-v-carpenter-sixth-circuit-court-appeals-csli): Does the 4th amendment apply to data held by third parties? | - [US vs. Carpenter](https://www.eff.org/document/united-states-v-carpenter-sixth-circuit-court-appeals-csli): Does the 4th amendment apply to data held by third parties? | ||
− | = | + | =Activism= |
- grassroots organizing, fighting laws through citizen action | - grassroots organizing, fighting laws through citizen action | ||
Line 95: | Line 94: | ||
- sharing knowledge and resources with other chapters and with the EFF | - sharing knowledge and resources with other chapters and with the EFF | ||
− | = | + | =Technology= |
- the EFF was the first non-profit to hire technologists | - the EFF was the first non-profit to hire technologists | ||
Line 121: | Line 120: | ||
- targeted advertising is bad for you | - targeted advertising is bad for you | ||
− | = | + | =International team= |
- [supporting imprisoned bloggers & technologists, helping free them](https://www.eff.org/offline) | - [supporting imprisoned bloggers & technologists, helping free them](https://www.eff.org/offline) |
Latest revision as of 00:44, 29 November 2017
The EFF
Electronic Frontier Foundation- what’s the news?
- Has four branches: law, activism, technologies, international - Is widely interested in privacy, free speech
Law
- really small legislative team, but this year the EFF has been doing a lot of legislation
- [702](https://www.eff.org/702-spying)
- [SESTA - stop enabling sex traffickers act](https://stopsesta.org/)
- [Computer Front and Abuse Act](https://www.eff.org/issues/cfaa)
- 1986 federal hacking statue
- super vague
- based on the hit movie War Games with Matthew Broderick
- “it is a violation of federal law to access a computer without permission”
- In practice, this covers TOS violations if the violated company sends an email revoking permission to access the site
- used to protect trade secrets
- supposed to be “anti-hacking”, but what does that even mean?
- autonomous vehicle legislation
- honest ads act
- filed comments with the FEC about the importance of protecting anonymous online speech
- lack of transparency around advertising practices will be more useful than removing anonymity
- [linkedIn vs HiQ](https://www.eff.org/deeplinks/2017/08/judge-cracks-down-linkedins-shameful-abuse-computer-break-law)
- cease & desist about bots on sites
- intermediary liability: when should a web platform be held liable for the acts of its users?
- the fight over the CDA gave rise to [CDA230](https://www.eff.org/issues/cda230), which describes when a platform can be held liable, and establishes that the platforms can’t be prosecuted under state criminal or civil law
- [SESTA](https://stopsesta.org/) would remove these protections for platforms that host sex trafficking, which would require all platforms to protect themselves by censoring sex
- especially because states define sex trafficking so differently
- SESTA puts a lot of faith in automated filters, which are not silver bullets for this purpose, and [disproportionally affect marginalized communities](https://www.eff.org/deeplinks/2017/09/stop-sesta-whose-voices-will-sesta-silence)
- [sec 1201 of the DMCA](https://www.eff.org/issues/dmca)
- DMCA legistlated copyright on the internet
- 1201 makes breaking DRM illegal
- currently, there’s a 3 year process for requesting permission to break DRM
- [which is stupid and unconstitutional, and the EFF is suing the copyright office about this](https://www.eff.org/press/releases/eff-lawsuit-takes-dmca-section-1201-research-and-technology-restrictions-violate)
- hardware modding is good for hobbyists as well as security; outside testing and scrutiny can find problems before the problems hurt people
- [US vs. Carpenter](https://www.eff.org/document/united-states-v-carpenter-sixth-circuit-court-appeals-csli): Does the 4th amendment apply to data held by third parties?
Activism
- grassroots organizing, fighting laws through citizen action
- Intellectual property issues - patents, copyrights, trademarks
- [EFA - Electronic Frontier Alliance](https://www.eff.org/electronic-frontier-alliance)
- local chapters addressing the needs of their communities
- chapters started out being called things like “EFF Austin”, but now are encouraged to find their own identites
- public surveillance
- [community control over police surveillance](https://www.aclu.org/issues/privacy-technology/surveillance-technologies/community-control-over-police-surveillance) - before buying equipment, police offices must present to a board about the impact, intent, and policies of the equipment. similar to New York’s POST act, except the POST act prevents the city council from saying no
- protecting library check-out records
- benefits to chapters:
- signal boosts across EFA
- training
- sharing knowledge and resources with other chapters and with the EFF
Technology
- the EFF was the first non-profit to hire technologists
- focused on privacy and encryption
- [https everywhere!](https://www.eff.org/https-everywhere) - oportunistic encryption add-on
- [let’s encrypt](https://letsencrypt.org/) - removes gatekeeping on ssl certificates
- [certbot](https://certbot.eff.org/) - bring https to people and orgs who can’t afford it
- CAs invented Extended Validation so they could keep charging money
- browser extensions to anonymize traffic
- [privacy badger](https://www.eff.org/privacybadger)
- adds and site add-ons can track you across the web in order to record and predict your behavior
- privacy badger takesn an algorithmic, heuristic approach to blocking
- identifies potential trackers, verifies that they are tracking, and then blocks them
- targeted advertising is bad for you
International team
- [supporting imprisoned bloggers & technologists, helping free them](https://www.eff.org/offline)
Scary current things
- a cell site simulator, which tricks your phone into thinking that it’s talking to a phone tower, so that your phone sends all the SMS, voice, data identifying info to the catcher
- requires a warrant, but the warrant request can be for something very different from what they’re actually doing, like “wiretap”
- reports every ping to a cell tower
- including pings sent from inside the home, which is protected by the 4th amendment
- can triangulate cell location by gauging signal strength
- can also modify text messages x_x