The Electronic Frontier Foundation (EFF) provides a quick overview of your rights when entering the United States:
March 11, 2017
January 25, 2017
Cory Doctorow reports on a hopeful sign that we might be able to get rid of one of the more pernicious aspects of the DMCA rules:
Section 1201 of the 1998 Digital Millennium Copyright Act makes it both a crime and a civil offense to tamper with software locks that control access to copyrighted works — more commonly known as “Digital Rights Management” or DRM. As the number of products with software in them has exploded, the manufacturers of these products have figured out that they can force their customers to use their own property in ways that benefit the company’s shareholders, not the products’ owners — all they have to do is design those products so that using them in other ways requires breaking some DRM.
The conversion of companies’ commercial preferences into legally enforceable rights has been especially devastating to the repair sector, a huge slice of the US economy, as much as 4% of GDP, composed mostly of small mom-n-pop storefront operations that create jobs right in local communities, because repair is a local business. No one wants to send their car, or even their phone, to China or India for servicing.
Three states are considering “Right to Repair” bills that would override the DMCA’s provisions, making it legal to break DRM to effect repairs, ending the bizarre situation where cat litter boxes are given the same copyright protection as the DVD of Sleeping Beauty. Grassroots campaigns in Nebraska, Minnesota, and New York prompted the introduction of these bills and there’s more on the way. EFF and the Right to Repair coalition are pushing for national legislation too, in the form of the Unlocking Technology Act.
October 29, 2015
At Ars Technica, Dan Goodin discussed the imminent availability of free HTTPS certificates to all registered domain owners:
A nonprofit effort aimed at encrypting the entire Web has reached an important milestone: its HTTPS certificates are now trusted by all major browsers.
The service, which is backed by the Electronic Frontier Foundation, Mozilla, Cisco Systems, and Akamai, is known as Let’s Encrypt. As Ars reported last year, the group will offer free HTTPS certificates to anyone who owns a domain name. Let’s Encrypt promises to provide open source tools that automate processes for both applying for and receiving the credential and configuring a website to use it securely.
HTTPS uses the transport layer security or secure sockets layer protocols to secure websites in two important ways. First, it encrypts communications passing between visitors and the Web server so they can’t be read or modified by anyone who may be monitoring the connection. Second, in the case of bare bones certificates, it cryptographically proves that a server belongs to the same organization or person with control over the domain, rather than an imposter posing as that organization. (Extended validation certificates go a step beyond by authenticating the identity of the organization or individual.)
June 19, 2015
Earlier this month, Noah Swartz exhorted the Mozilla folks to put some energy and effort behind the Firefox Tracking Protection technology. While we wait for that to come to fruition, he also recommends the Electronic Frontiers Foundation’s Privacy Badger for Firefox users:
In her blog post, [Monica] Chew flags the need for Mozilla’s management to ensure that this essential protection reaches users, and to recognize that “current advertising practices that enable ‘free’ content are in direct conflict with security, privacy, stability, and performance concerns.” Since advertising industry groups flatly refused to respect the Do Not Track header as a privacy opt-out from data collection, the only line of defense we have against non-consensual online tracking is our browsers.
Safari and Internet Explorer have taken important steps to protect their users against web tracking: Safari blocks third party cookies out of the box, and IE offers a prominent tracker-blocking option. But mainstream users of open source browsers are out of luck. Until that changes, our Privacy Badger add-on for Firefox and Chrome remains perhaps the only one-click solution for users who want to protect their privacy as they browse the web. Since Privacy Badger requires no configuration, we encourage any user who is concerned about online tracking to add it to their browser.
January 15, 2015
Last week, the Electronic Frontier Foundation‘s Corynne McSherry had to break the sad news to Apple iPhone users that due to Apple’s incredibly restrictive developer rules, the EFF cannot produce an iPhone version of their mobile app:
As we have been saying for years now, the [Apple] Developer Agreement is bad for developers and users alike. Here are a few of the terms that we are worried about:
Ban on Public Statements: Section 10.4 prohibits developers from making any “public statements” about the terms of the Agreement. This is particularly strange, since the Agreement itself is not “Apple Confidential Information” as defined in Section 10.1. So the terms are not confidential, but developers are contractually forbidden from speaking “publicly” about them.
Ban on Reverse Engineering: Section 2.6 prohibits any reverse engineering (including the kinds of reverse engineering for interoperability that courts have recognized as a fair use under copyright law), as well as anything that would “enable others” to reverse engineer, the software development kit (SDK) or iPhone OS.
App Store Only: Section 7.3 makes it clear that any applications developed using Apple’s SDK may only be publicly distributed through the App Store, and that Apple can reject an app for any reason, even if it meets all the formal requirements disclosed by Apple. So if you use the SDK and your app is rejected by Apple, you’re prohibited from distributing it through competing app stores like Cydia.
No Tinkering with Any Apple Products: Section 3.2(e) is the “ban on jailbreaking” provision that appears to prohibit developers from tinkering with any Apple software or technology, not just the iPhone, or “enabling others to do so.”
Apple Owns Your Security: Section 6.1 explains that Apple has to approve any bug fixes or security releases. If Apple does not approve such updates very quickly, this requirement could put many people in jeopardy.
Kill Your App Any Time: Section 8 makes it clear that Apple can “revoke the digital certificate of any of Your Applications at any time.” Steve Jobs once confirmed that Apple can remotely disable apps, even after they have been installed by users. This contract provision would appear to allow that.
We have some other concerns as well, but these top the list.
September 7, 2013
The EFF on the now even-more-secret negotiations for the Trans-Pacific Partnership treaty:
This week, trade delegates met in San Francisco to discuss the Trans-Pacific Partnership (TPP) agreement’s e-commerce chapter. It’s likely that this secret chapter carries provisions that whittle away at user data protections. But we weren’t able to say so at this meeting. Not only have they neglected to notify digital rights groups — including EFF, which is based in San Francisco — about the meeting, we could not even discover where it was taking place.
Delegates from TPP countries are right now holding these secretive “inter-sessional” meetings here and in other undisclosed cities around the world. Trade reps for specific issue areas are hammering out “unresolved” issues that are holding up the conclusion of the agreement, and doing so by becoming even more secretive and evasive than ever.
We only heard about a TPP meeting on intellectual property in Mexico City in September through the diplomatic rumor-mill, since the US Trade Rep is no longer bothering to announce the dates or locations of these closed-door side meetings. During this round in Mexico, countries that have been resistant to U.S. demands to sign onto highly restrictive copyright enforcement standards may ultimately be strong-armed into doing so.
It’s probably safe to assume that the reason they’ve become so secretive is that they don’t want any of us to know what they’re doing until it’s a fait accompli and we can’t do anything about it. That’s how much they trust us.
August 6, 2013
The EFF has a few suggestions on how to go about reining-in the NSA:
While we still believe that the best first step is a modern Church Committee, an independent, public investigation and accounting of the government’s surveillance programs that affect Americans, members of Congress seem determined to try to enact fixes now. Almost a dozen bills have already been introduced or will be introduced in the coming weeks.
While we’re also waiting to see what the various bills will look like before endorsing anything, here’s — in broad strokes — what we’d like to see, and what should be avoided or opposed as a false response. We know full well that the devil is in the details when it comes to legislation, so these are not set in stone and they aren’t exhaustive. But as the debate continues in Congress, here are some key guideposts.
This first post focuses on surveillance law reform. In later posts we’ll discuss transparency, secret law and the FISA Court as well as other topics raised by the ongoing disclosures. In short, there’s much Congress can and should do here, but we also need to be on the lookout for phony measures dressed as reform that either don’t fix things or take us backwards.
May 19, 2013
Cory Doctorow appears to have been plagiarized by real life:
Two minor characters from my novel Makers have apparently come to life and written an article for 3D Printing Industry. These two people are patent lawyers for Finnegan IP law firm, Washington, DC, which I don’t recall making up, but this is definitely a pair of Doctorow villains (though, thankfully, I had the good sense not to give them any lines in the book — they’re far too cliched in their anodyne evil for anyone to really believe in).
These patent lawyers are upset because the evil Makers (capital-M and all!) are working with the Electronic Frontier Foundation to examine bad 3D printing patents submitted to the US Patent and Trademark Office. The problem is that 3D printing is 30 years old, so nearly all the stuff that people want to patent and lock up and charge rent on for the next 20 years has already been invented, and the pesky Makers are insisting on pointing out this inconvenient fact to the USPTO.
This breaks the established order, which is much to be preferred: the UPSTO should grant all the bullshit patents that companies apply for. The big companies can pay firms like Finnegan to file patents on every trivial, stale, ancient idea and then cross-license them to each other, but use them to block disruptive new entrants to the marketplace. The old system also has the desirable feature of arming patent trolls with the same kind of bullshit patents so that they can sue giant companies and disruptive startups alike, and Finnegan can be there to soak up the tens of millions of dollars in legal fees generated by all this activity.
April 21, 2013
The BBC reports on the unwelcome CISPA bill and its progress through the legislative machinery:
The US House of Representatives has passed the controversial Cyber Information Sharing and Protection Act.
Cispa is designed to help combat cyberthreats by making it easier for law enforcers to get at web data.
This is the second time Cispa has been passed by the House. Senators threw out the first draft, saying it did not do enough to protect privacy.
Cispa could fail again in the Senate after threats from President Obama to veto it over privacy concerns.
[. . .]
The bill could fail again in the Senate after the Obama administration’s threat to use its veto unless changes were made. The White House wants amendments so more is done to ensure the minimum amount of data is handed over in investigations.
The American Civil Liberties Union has also opposed Cispa, saying the bill was “fatally flawed”. The Electronic Frontier Foundation, Reporters Without Borders and the American Library Association have all voiced similar worries.
March 26, 2013
At Reason, Tom Jackson reviews Cory Doctorow’s Homeland, the sequel to 2007’s Little Brother:
By day, Yallow works within the system, taking a job as a webmaster for an independent candidate for the California senate. By night, he’s a part of a guerrilla WikiLeaks-style operation, trying to deal with goons who are out to get him and hackers trying to control his computer and his information. Life gets even more complicated when he starts participating in large outdoor demonstrations that attract the attention of the police. The story should resonate with any reader who worries about online privacy and the government’s ability to use the Net as a tool for political repression.
Although Yallow and his buddies are fictional, Homeland is studded with educational bits. One early chapter, for example, includes a recipe for cold-brew coffee. A librarian delivers a lecture on copyright reform. While at Burning Man, Doctorow meets four heroes of the Internet — Mitch Kapor, John Gilmore, Wil Wheaton, and John Perry Barlow — and the reader is duly educated on how they relate to the founding of the Electronic Frontier Foundation and the creation of Lotus. The infodump continues after the novel ends, with an afterword by Jacob Appelbaum of WikiLeaks and another by the late Aaron Swartz. (Swartz, facing a federal trial and possible prison on felony charges for downloading academic documents, committed suicide on January 11. His exhortations here not to give in to despair and a feeling of powerlessness make for sad reading, but he also explains how political movements to preserve the Internet from censorship have a chance to succeed.) There is also a bibliographic essay on the topics the book covers. It’s as if Doctorow, well-known both as a science fiction writer and as a contributor to Boing Boing, figured out how to be a novelist and a blogger in the same book.
The encounter with Kapor and company isn’t the only way the novel intersects with reality. Yallow logs on to his laptop using the Paranoid Linux operating system, created to maximize the user’s privacy. Paranoid Linux was fictional when Doctorow invented it in Little Brother, but it inspired the creation of a real, albeit short-lived, Paranoid Linux distro. And if you Google “Paranoid Linux,” you’ll learn about current Linux distributions that emphasize security, such as Tails and LPS. As Doctorow notes in his afterword, Googling terms in the book that might be unfamiliar to the reader — “hackerspace,” “drone,” “Tor Project,” “lawful intercept” — provides many of the novel’s educational experiences.
March 17, 2013
The EFF posted more information about the court decision that National Security Letters violate the constitution:
The controversial NSL provisions EFF challenged on behalf of the unnamed client allow the FBI to issue administrative letters — on its own authority and without court approval — to telecommunications companies demanding information about their customers. The controversial provisions also permit the FBI to permanently gag service providers from revealing anything about the NSLs, including the fact that a demand was made, which prevents providers from notifying either their customers or the public. The limited judicial review provisions essentially write the courts out of the process.
In today’s ruling, the court held that the gag order provisions of the statute violate the First Amendment and that the review procedures violate separation of powers. Because those provisions were not separable from the rest of the statute, the court declared the entire statute unconstitutional. In addressing the concerns of the service provider, the court noted: “Petitioner was adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate.”
“The First Amendment prevents the government from silencing people and stopping them from criticizing its use of executive surveillance power,” said EFF Legal Director Cindy Cohn. “The NSL statute has long been a concern of many Americans, and this small step should help restore balance between liberty and security.”
March 16, 2013
The “most transparent administration” may be forced to be a bit more transparent after a US federal judge declared National Security Letters to be unconstitutional:
Ultra-secret national security letters that come with a gag order on the recipient are an unconstitutional impingement on free speech, a federal judge in California ruled in a decision released Friday.
U.S. District Judge Susan Illston ordered the government to stop issuing so-called NSLs across the board, in a stunning defeat for the Obama administration’s surveillance practices. She also ordered the government to cease enforcing the gag provision in any other cases. However, she stayed her order for 90 days to give the government a chance to appeal to the Ninth Circuit Court of Appeals.
“We are very pleased that the Court recognized the fatal constitutional shortcomings of the NSL statute,” said Matt Zimmerman, senior staff attorney for the Electronic Frontier Foundation, which filed a challenge to NSLs on behalf of an unknown telecom that received an NSL in 2011. “The government’s gags have truncated the public debate on these controversial surveillance tools. Our client looks forward to the day when it can publicly discuss its experience.”
[. . .]
NSLs are written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more.
NSLs are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL. An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the Special Agent in Charge of their office. The FBI has to merely assert that the information is “relevant” to an investigation into international terrorism or clandestine intelligence activities.
February 1, 2013
Chris Vizzini registered the trademark “Gaymer” in March of 2008. More recently he’s started trying to enforce his trademark by sending a cease-and-desist letter to Reddit, which has a large, active, vocal gay gamer community in the r/gaymers subreddit. If you know anything about Reddit communities, you’ll not be surprised that they’ve rallied to fight against Vizzini’s efforts to shut them down:
The response was immediate. The first option presented was to change the subreddit’s name. Others looked to see if the trademark could even be considered valid, tracking down examples of prior use, one of them dating all the way back to 1991. Also discussed was the possibility of licensing the term for a nominal fee, the downside being that even if Vizzini did accept, it would do nothing to prevent him from pursuing others who used the word “gaymer.”
While the trademark’s description seemed to cover a large portion of Reddit’s “goods and services” (with a few notable differences), the discussion focused on whether or not Vizzini should have been able to trademark what many viewed as a descriptive or generic term.
The stakes were raised again when the Electronic Frontier Foundation (EFF) became an active participant:
And, as if facing the wrath of united redditors wasn’t enough, the EFF has now joined the push to have this trademark cancelled.
[I]n a petition filed with the U.S. Patent and Trademark Office (USPTO) today, the group asks the USPTO to cancel the “gaymer” trademark registration so that people around the world can continue to use the word without interference.
The Electronic Frontier Foundation (EFF) and the law firm Perkins Coie represent the Reddit gaymers — members of the lesbian, gay, bisexual, and transgendered community who have an active interest in video games…
“This registration should never have been granted,” said EFF Intellectual Property Director Corynne McSherry. “Gaymer is a common term that refers to members of this vibrant gaming community, and we are happy to help them fight back and make sure the term goes back to the public domain where it belongs.”
“Trademarks have one primary purpose: to protect consumers from confusion about the source of goods or services,” said EFF Staff Attorney Julie Samuels. “This registration isn’t being used to protect consumers — it’s being used to threaten free speech.”
EFF’s petition cites the same complaints the redditors discussed: that the word “gaymer” is both generic and descriptive and that it predates Vizzini’s application for exclusive use of the term (in relation to the services listed above — there’s also an unrelated Gaymer line of ciders). Whether or not the USPTO will find this argument convincing remains to be seen. Many dubious claims have made their way unscathed through the registration office in years past. The main benefit of this action is it puts the pressure on Vizzini to defend his claim to the term, something he may have no interest in doing.
September 4, 2012
If you’re not happy unless your package has been thoroughly inspected by trained professionals on its way to the destination, you’ll want to stock up on this new item available from the Electronic Frontier Foundation:
August 11, 2012
Cory Doctorow explains why we still need to fight against WIPO’s latest attempt to gain even more legal rights over content:
The UN’s World Intellectual Property Organization’s Broadcasting Treaty is back. This is the treaty that EFF and its colleagues killed five years ago, but Big Content won’t let it die. Under the treaty, broadcasters would have rights over the material they transmitted, separate from copyright, meaning that if you recorded something from TV, the Internet, cable or satellite, you’d need to get permission from the creator and the broadcaster to re-use it. And unlike copyright, the “broadcast right” doesn’t expire, so even video that is in the public domain can’t be used without permission from the broadcaster who contributed the immense creativity inherent in, you know, pressing the “play” button. Likewise, broadcast rights will have different fair use/fair dealing rules from copyright — nations get to choose whether their broadcast rights will have any fair dealing at all. That means that even if you want to reuse video is a way that’s protected by fair use (such as parody, quotation, commentary or education), the broadcast right version of fair use might prohibit it.
Worst of all: There’s no evidence that this is needed. No serious scholarship of any kind has established that creating another layer of property-like rights will add one cent to any country’s GDP. Indeed, given that this would make sites like Vimeo and YouTube legally impossible, it would certainly subtract a great deal from nations’ GDP — as well as stifling untold amounts of speech and creativity, by turning broadcasters into rent-seeking gatekeepers who get to charge tax on videos they didn’t create and whose copyright they don’t hold.