Electronic Frontier Foundation: Annual update

From DevSummit
Revision as of 00:41, 29 November 2017 by Evelyn (talk | contribs) (Created page with " =The EFF= Electronic Frontier Foundation- what’s the news? - Has four branches: law, activism, technologies, international - Is widely interested in privacy, free speech...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


The EFF

Electronic Frontier Foundation- what’s the news?

- Has four branches: law, activism, technologies, international - Is widely interested in privacy, free speech

Law

- really small legislative team, but this year the EFF has been doing a lot of legislation - [702](https://www.eff.org/702-spying) - [SESTA - stop enabling sex traffickers act](https://stopsesta.org/) - [Computer Front and Abuse Act](https://www.eff.org/issues/cfaa) - 1986 federal hacking statue - super vague - based on the hit movie War Games with Matthew Broderick - “it is a violation of federal law to access a computer without permission” - In practice, this covers TOS violations if the violated company sends an email revoking permission to access the site - used to protect trade secrets - supposed to be “anti-hacking”, but what does that even mean? - autonomous vehicle legislation - honest ads act - filed comments with the FEC about the importance of protecting anonymous online speech - lack of transparency around advertising practices will be more useful than removing anonymity - [linkedIn vs HiQ](https://www.eff.org/deeplinks/2017/08/judge-cracks-down-linkedins-shameful-abuse-computer-break-law) - cease & desist about bots on sites - intermediary liability: when should a web platform be held liable for the acts of its users? - the fight over the CDA gave rise to [CDA230](https://www.eff.org/issues/cda230), which describes when a platform can be held liable, and establishes that the platforms can’t be prosecuted under state criminal or civil law - [SESTA](https://stopsesta.org/) would remove these protections for platforms that host sex trafficking, which would require all platforms to protect themselves by censoring sex - especially because states define sex trafficking so differently - SESTA puts a lot of faith in automated filters, which are not silver bullets for this purpose, and [disproportionally affect marginalized communities](https://www.eff.org/deeplinks/2017/09/stop-sesta-whose-voices-will-sesta-silence) - [sec 1201 of the DMCA](https://www.eff.org/issues/dmca) - DMCA legistlated copyright on the internet - 1201 makes breaking DRM illegal - currently, there’s a 3 year process for requesting permission to break DRM - [which is stupid and unconstitutional, and the EFF is suing the copyright office about this](https://www.eff.org/press/releases/eff-lawsuit-takes-dmca-section-1201-research-and-technology-restrictions-violate) - hardware modding is good for hobbyists as well as security; outside testing and scrutiny can find problems before the problems hurt people - [US vs. Carpenter](https://www.eff.org/document/united-states-v-carpenter-sixth-circuit-court-appeals-csli): Does the 4th amendment apply to data held by third parties?

activism

- grassroots organizing, fighting laws through citizen action - Intellectual property issues - patents, copyrights, trademarks - [EFA - Electronic Frontier Alliance](https://www.eff.org/electronic-frontier-alliance) - local chapters addressing the needs of their communities - chapters started out being called things like “EFF Austin”, but now are encouraged to find their own identites - public surveillance - [community control over police surveillance](https://www.aclu.org/issues/privacy-technology/surveillance-technologies/community-control-over-police-surveillance) - before buying equipment, police offices must present to a board about the impact, intent, and policies of the equipment. similar to New York’s POST act, except the POST act prevents the city council from saying no - protecting library check-out records - benefits to chapters: - signal boosts across EFA - training - sharing knowledge and resources with other chapters and with the EFF

technology

- the EFF was the first non-profit to hire technologists - focused on privacy and encryption - [https everywhere!](https://www.eff.org/https-everywhere) - oportunistic encryption add-on - [let’s encrypt](https://letsencrypt.org/) - removes gatekeeping on ssl certificates - [certbot](https://certbot.eff.org/) - bring https to people and orgs who can’t afford it - CAs invented Extended Validation so they could keep charging money - browser extensions to anonymize traffic - [privacy badger](https://www.eff.org/privacybadger) - adds and site add-ons can track you across the web in order to record and predict your behavior - privacy badger takesn an algorithmic, heuristic approach to blocking - identifies potential trackers, verifies that they are tracking, and then blocks them - targeted advertising is bad for you

international team

- [supporting imprisoned bloggers & technologists, helping free them](https://www.eff.org/offline)

Scary current things

- a cell site simulator, which tricks your phone into thinking that it’s talking to a phone tower, so that your phone sends all the SMS, voice, data identifying info to the catcher - requires a warrant, but the warrant request can be for something very different from what they’re actually doing, like “wiretap” - reports every ping to a cell tower - including pings sent from inside the home, which is protected by the 4th amendment - can triangulate cell location by gauging signal strength - can also modify text messages x_x