Electronic Frontier Foundation: Annual update

From DevSummit

The EFF

Electronic Frontier Foundation: what’s the news?

- Has four branches: law, activism, technologies, international

- Is widely interested in privacy, free speech

Law

- really small legislative team, but this year the EFF has been doing a lot of legislation

- [702](https://www.eff.org/702-spying)

- [SESTA - stop enabling sex traffickers act](https://stopsesta.org/)

- [Computer Fraud and Abuse Act](https://www.eff.org/issues/cfaa)

- 1986 federal hacking statute

- super vague

- based on the hit movie War Games with Matthew Broderick

- “it is a violation of federal law to access a computer without permission”

- In practice, this covers TOS violations if the violated company sends an email revoking permission to access the site

- used to protect trade secrets

- supposed to be “anti-hacking”, but what does that even mean?

- autonomous vehicle legislation

- honest ads act

- filed comments with the FEC about the importance of protecting anonymous online speech

- addressing the lack of transparency around advertising practices will be more useful than removing anonymity

- [LinkedIn vs HiQ](https://www.eff.org/deeplinks/2017/08/judge-cracks-down-linkedins-shameful-abuse-computer-break-law)

- cease & desist about bots on sites

- intermediary liability: when should a web platform be held liable for the acts of its users?

- the fight over the CDA gave rise to [CDA230](https://www.eff.org/issues/cda230), which describes when a platform can be held liable, and establishes that the platforms can’t be prosecuted under state criminal or civil law

- [SESTA](https://stopsesta.org/) would remove these protections for platforms that host sex trafficking, which would require all platforms to protect themselves by censoring sex

- especially because states define sex trafficking so differently

- SESTA puts a lot of faith in automated filters, which are not silver bullets for this purpose, and [disproportionately affect marginalized communities](https://www.eff.org/deeplinks/2017/09/stop-sesta-whose-voices-will-sesta-silence)

- [sec 1201 of the DMCA](https://www.eff.org/issues/dmca)

- DMCA legislated copyright on the internet

- 1201 makes breaking DRM illegal

- currently, there’s a 3 year process for requesting permission to break DRM

- [which is stupid and unconstitutional, and the EFF is suing the copyright office about this](https://www.eff.org/press/releases/eff-lawsuit-takes-dmca-section-1201-research-and-technology-restrictions-violate)

- hardware modding is good for hobbyists as well as security; outside testing and scrutiny can find problems before the problems hurt people

- [US vs. Carpenter](https://www.eff.org/document/united-states-v-carpenter-sixth-circuit-court-appeals-csli): Does the 4th amendment apply to data held by third parties?

Activism

- grassroots organizing, fighting laws through citizen action

- Intellectual property issues - patents, copyrights, trademarks

- [EFA - Electronic Frontier Alliance](https://www.eff.org/electronic-frontier-alliance)

- local chapters addressing the needs of their communities

- chapters started out being called things like “EFF Austin”, but now are encouraged to find their own identities

- public surveillance

- [community control over police surveillance](https://www.aclu.org/issues/privacy-technology/surveillance-technologies/community-control-over-police-surveillance) - before buying equipment, police offices must present to a board about the impact, intent, and policies of the equipment. Similar to New York’s POST Act, except the POST Act prevents the city council from saying no

- protecting library check-out records

- benefits to chapters:

- signal boosts across EFA

- training

- sharing knowledge and resources with other chapters and with the EFF

Technology

- the EFF was the first non-profit to hire technologists

- focused on privacy and encryption

- [https everywhere!](https://www.eff.org/https-everywhere) - opportunistic encryption add-on

- [let’s encrypt](https://letsencrypt.org/) - removes gatekeeping on ssl certificates

- [certbot](https://certbot.eff.org/) - bring https to people and orgs who can’t afford it

- CAs invented Extended Validation so they could keep charging money

- browser extensions to anonymize traffic

- [privacy badger](https://www.eff.org/privacybadger)

- ads and site add-ons can track you across the web in order to record and predict your behavior

- privacy badger takes an algorithmic, heuristic approach to blocking

- identifies potential trackers, verifies that they are tracking, and then blocks them

- targeted advertising is bad for you

International team

- [supporting imprisoned bloggers & technologists, helping free them](https://www.eff.org/offline)

Scary current things

- a cell site simulator, which tricks your phone into thinking that it’s talking to a phone tower, so that your phone sends all the SMS, voice, data, and identifying info to the catcher

- requires a warrant, but the warrant request can be for something very different from what they’re actually doing, like “wiretap”

- reports every ping to a cell tower

- including pings sent from inside the home, which is protected by the 4th amendment

- can triangulate cell location by gauging signal strength

- can also modify text messages x_x