There is a growing pile of evidence that cities should drop Shotspotter, the notorious surveillance system that purportedly uses acoustic sensors to detect gunshots, due to its inaccuracies and the danger it creates in communities where it’s installed. In yet another blow to the product and the surveillance company behind it—SoundThinking—Congress members have sent a letter calling on the Department of Homeland Security to investigate how it provides funding to local police to deploy the product.

The seven page letter, from Senators Ed Markey, Ron Wyden and Elizabeth Warren, and Representative Ayanna Pressley, begins by questioning the “accuracy and effectiveness” of ShotSpotter, and then outlines some of the latest evidence of its abysmal performance, including multiple studies showing false positive rates—i.e. incorrectly classifying non-gunshot sounds as gunshots—at 70% or higher. In addition to its ineffectiveness, the Congress members voiced their serious concerns regarding ShotSpotter’s contribution to discrimination, civil rights violations, and poor policing practices due to the installation of most ShotSpotter sensors in overwhelmingly “Black, Brown and Latin[e] communities” at the request of local law enforcement. Together, the inefficacy of the technology and the placements can result in the deployment of police to what they expect to be a dangerous situation with guns drawn, increasing the chances of all-too-common police violence against civilians in the area.

In light of the grave concerns raised by the use of ShotSpotter, the lawmakers are demanding that DHS investigate its funding, and whether it’s an appropriate use of taxpayer dollars. We agree: DHS should investigate, and should end its program of offering grants to local law enforcement agencies to contract with SoundThinking. 

The letter can be read in its entirety here.

In an indictment against Defend the Atlanta Forest activists in Georgia, state prosecutors are citing use of encrypted communications to fearmonger. Alleging the defendants—which include journalists and lawyers, in addition to activists—in the indictment were responsible for a number of crimes related to the Stop Cop City campaign, the state Attorney General’s prosecutors cast suspicion on the defendants’ use of Signal, Telegram, Tor, and other everyday data-protecting technologies.

“Indeed, communication among the Defend the Atlanta Forest members is often cloaked in secrecy using sophisticated technology aimed at preventing law enforcement from viewing their communication and preventing recovery of the information” the indictment reads. “Members often use the dark web via Tor, use end-to-end encrypted messaging app Signal or Telegram.”

The secure messaging app Signal is used by tens of millions of people, and has hundreds of millions of global downloads. In 2021, users moved to the nonprofit-run private messenger en masse as concerns were raised about the data-hungry business models of big tech. In January of that year, former world’s richest man Elon Musk tweeted simply “Use Signal.” And world-famous NSA whistle-blower Edward Snowden tweeted in 2016 what in information security circles would become a meme and truism: “Use Tor. Use Signal.”

Despite what the bombastic language would have readers believe, installing and using Signal and Tor is not an initiation rite into a dark cult of lawbreaking. The “sophisticated technology” being used here are apps that are free, popular, openly distributed, and widely accessible by anyone with an internet connection. Going further, the indictment ascribes the intentions of those using the apps as simply to obstruct law enforcement surveillance. Taking this assertion at face value, any judge or reporter reading the indictment is led to believe everyone using the app simply wants to evade the police. The fact that these apps make it harder for law enforcement to access communications is exactly because the encryption protocol protects messages from everyone not intended to receive them—including the users’ ISP, local network hackers, or the Signal nonprofit itself.

Elsewhere, the indictment hones in on the use of anti-surveillance techniques to further its tenuous attempts to malign the defendants: “Most ‘Forest Defenders’ are aware that they are preparing to break the law, and this is demonstrated by premeditation of attacks.” Among a laundry list of other techniques, the preparation is supposedly marked by “using technology avoidance devices such as Faraday bags and burner phones.” Stoking fears around the use of anti-surveillance technologies sets a dangerous precedent for all people who simply don’t want to be tracked wherever they go. In protest situations, carrying a prepaid disposable phone can be a powerful defense against being persecuted for participating in first-amendment protected activities. Vilifying such activities as the acts of wrongdoers would befit totalitarian societies, not ones in which speech is allegedly a universal right.

To be clear, prosecutors have apparently not sought to use court orders to compel either the defendants or the companies named to enter passwords or otherwise open devices or apps. But vilifying the defendants’ use of common sense encryption is a dangerous step in cases that the Dekalb County District Attorney has already dropped out of, citing “different prosecutorial philosophies.”

Using messengers which protect user communications, browsers which protect user anonymity, and employing anti-surveillance techniques when out and about are all useful strategies in a range of situations. Whether you’re looking into a sensitive medical condition, visiting a reproductive health clinic with the option of terminating a pregnancy, protecting trade secrets from a competitor, wish to avoid stalkers or abusive domestic partners, protecting attorney-client exchanges, or simply want to keep your communications, browsing, and location history private, these techniques can come in handy. It is their very effectiveness which has led to the widespread adoption of privacy-protective technologies and techniques. When state prosecutors spread fear around the use of these powerful techniques, this sets us down a dangerous path where citizens are more vulnerable and at risk.

The University of Georgia (UGA) School of Law’s First Amendment Clinic has filed an Open Records Request lawsuit to demand public records from the private Atlanta Police Foundation (APF). The lawsuit, filed at the behest of the Atlanta Community Press Collective and Electronic Frontier Alliance-member Lucy Parsons Labs, is seeking records relating to the Atlanta Public Safety Training Center, which activists refer to as Cop City. While the facility will be used for public law enforcement and emergency services agencies, including training on surveillance technologies, the lease is held by the APF.  

The argument is that the Atlanta Police Foundation, as the nonprofit holding the lease for facilities intended for use by government agencies, should be subject to the same state Open Records Act as to its functions that are on behalf of law enforcement agencies. Beyond the Atlanta Public Safety Training Center, the APF also manages the Atlanta Police Department’s Video Surveillance Center, which integrates footage from over 16,000 public and privately-held surveillance cameras across the city. 

According to UGA School of Law’s First Amendment Clinic, “The Georgia Supreme Court has held that records in the custody of a private entity that relate to services or functions the entity performs for or on behalf of the government are public records under the Georgia Open Records Act.” 

Police foundations frequently operate in this space. They are private, non-profit organizations with boards made up of corporations and law firms that receive monetary or equipment donations that they then gift to their local law enforcement agencies. These gifts often bypass council hearings or other forms of public oversight. 

Lucy Parsons Labs’ Ed Vogel said, “At the core of the struggle over the Atlanta Public Safety Training Center is democratic practice. Decisions regarding this facility should not be made behind closed doors. This lawsuit is just one piece of that. The people have a right to know.” 

You can read the lawsuit here. 

In a stunning reversal against the popular Transparent & Responsible Use of Surveillance Technology (TRUST) ordinance, the San Diego city council voted earlier this year to cut many of the provisions that sought to ensure public transparency for law enforcement surveillance technologies. 

Similar to other Community Control Of Police Surveillance (CCOPS) ordinances, the TRUST ordinance was intended to ensure that each police surveillance technology would be subject to basic democratic oversight in the form of public disclosures and city council votes. The TRUST ordinance was fought for by a coalition of community organizations– including several members of the Electronic Frontier Alliance – responding to surprise smart streetlight surveillance that was not put under public or city council review.  

The TRUST ordinance was passed one and a half years ago, but law enforcement advocates immediately set up roadblocks to implementation. Police unions, for example, insisted that some of the provisions around accountability for misuse of surveillance needed to be halted after passage to ensure they didn’t run into conflict with union contracts. The city kept the ordinance unapplied and untested, and then in the late summer of 2023, a little over a year after passage, the mayor proposed a package of changes that would gut the ordinance. This included exemption of a long list of technologies, including ARJIS databases and record management system data storage. These changes were later approved this past January.  

But use of these databases should require, for example, auditing to protect data security for city residents. There also should be limits on how police share data with federal agencies and other law enforcement agencies, which might use that data to criminalize San Diego residents for immigration status, gender-affirming health care, or exercise of reproductive rights that are not criminalized in the city or state. The overall TRUST ordinance stands, but partly defanged with many carve-outs for technologies the San Diego police will not need to bring before democratically-elected lawmakers and the public. 

Now, opponents of the TRUST ordinance are emboldened with their recent victory, and are vowing to introduce even more amendments to further erode the gains of this ordinance so that San Diegans won’t have a chance to know how their local law enforcement surveils them, and no democratic body will be required to consent to the technologies, new or old. The members of the TRUST Coalition are not standing down, however, and will continue to fight to defend the standing portions of the TRUST ordinance, and to regain the wins for public oversight that were lost. 

As Lilly Irani, from Electronic Frontier Alliance member and TRUST Coalition member Tech Workers Coalition San Diego, has said: 

“City Council members and the mayor still have time to make this right. And we, the people, should hold our elected representatives accountable to make sure they maintain the oversight powers we currently enjoy — powers the mayor’s current proposal erodes.” 

If you live or work in San Diego, it’s important to make it clear to city officials that San Diegans don’t want to give police a blank check to harass and surveil them. Such dangerous technology needs basic transparency and democratic oversight to preserve our privacy, our speech, and our personal safety. 

The Electronic Frontier Alliance (EFA) is a loose network of local groups fighting for digital rights in the United States, chaired by EFF. Members’ efforts have been recovering from the limitations put on local organizing caused by the pandemic. More EFA members have been holding in-person workshops and meet-ups that help cement the relationships needed to do their work.

If you’re a member of a local or state group in the United States that fights for digital rights and might want to join, please learn more at our FAQ page. If your group feels like a good fit, please fill out an application here. The Alliance has scores of members, all doing great things this year. This review highlights just a few.

EFA members are organizing for your rights

This year, we caught up with our friends at the Surveillance Technology Oversight Project (S.T.O.P.), a growing organization that has become a force to be reckoned with in New York. STOP has worked to pass the Public Oversight of Surveillance Technology Act in their City Council, and used the law to uncover previously unknown NYPD surveillance contracts. They also won key successes against discriminatory policies by the NYPD by taking the department to court.

We talked to Portland’s Techno-Activism 3rd Mondays (TA3M), which came out of a nationwide effort to increase digital rights activism by providing regular workshops on related topics. Portland’s TA3M hasn’t just survived when most other chapters have disbanded. They have kept a great pace of trainings and panel discussions which has helped keep the digital rights movement alive in Portland, even through the pandemic when these educational events had to move online.

We checked-in with CCTV Cambridge on their efforts to close the digital divide with their Digital Navigator program, as well as their advocacy for digital equality. CCTV Cambridge does work across all demographics. For example, they implemented a Youth Media Program where teens get paid while developing skills to become professional media artists. They also have a Foundational Technology program for elders and others who struggle with technology.

EFA groups kept the conversation going in their communities

Alliance members got together for a podcast interview on Firewalls Don’t Stop Dragons, including EFF, Portland-based PDX Privacy, and Chicago-based Lucy Parsons Labs. It’s a great introduction to the Electronic Frontier Alliance, a couple of its superstar members, and how to get involved.

The Electronic Frontiers track at the sci-fi, fantasy, and comic book-oriented Dragon*Con in Atlanta was produced in coordination with EFA member Electronic Frontiers Georgia and garnered some fantastic conversations. After a few years of hiatus or virtual panels, the digital rights component to the convention came back strong last year and carried on full steam ahead in 2023. Members of EF-Georgia, EFF and allied organizations presented on a variety of topics, including:

• Age Limits for Social Media
• Banning TikTok
• ChatGPT
• Civil Asset Forfeiture
• Copyright 101
• Copyright and AI
• Digital Landlords
• EARN-IT and STOP CSAM Act
• Hacking 101 and 201
• Killer robots in San Francisco
• Mastodon, the Fediverse and ActivityPub
• Police Foundations and Surveillance
• The Right to Repair
• Rise of Labor Unions in Tech Shops
• Section 230 Protections

More of the Dragon*Con panels can be found at EF-Georgia’s special Dragon*Con playlist.

EFF-Austin also moved back in-person events, including monthly expert talks in Texas and meet-ups for people in their city interested in privacy, security, and related issues. Subjects included:

• AI and Cybersecurity
• Automation and Landlordism
• Biometric Surveillance and Art
• City Surveillance and Public Trust
• Cyber Security’s Role in Rethinking Democracy
• Generative AI in its Historical Context
• OAuth: the Online Authorization Protocol
• Password Security
• Positive Developments in AI and Computing

New members

This past year, we also had the opportunity to expand the alliance, especially among youth-led groups, by welcoming six impressive new members:  

• Cyber Security Club @SFSU, San Francisco, CA: The Cyber Security Club is a student group for digital security-minded members of the San Francisco State University community.
• Encode Justice North Carolina: Encode Justice NC is mostly made up of high school students learning the tools of organizing by focusing on issues like algorithmic machine-learning and law enforcement surveillance.
• Encode Justice Oregon: Like the EJ-NC chapter, EC-Oregon is composed of  high school students training their peers to take an active role in local decision-making.
• MOKANCAN, Lawrence, KS: The Missouri & Kansas Cyber Alliance Network is a growing new group of volunteer activists who have been meeting on privacy and other digital rights in cities near the border of the two states.
• New York Law School’s Privacy Law Association, New York, NY: The PLA is a group of law students that train and organize around digital privacy and its impact in many fields of the law.
• Security Club @OSU, Portland, OR: The OSU SEC is a group for security-minded students at Oregon State University that engages in cyber defense training and related digital security education.

Looking forward

As we continue to fight for our digital rights, more groups are connecting to build and maintain a movement for change. In the coming year, a lot of EFA members will be focused on effecting positive social change, whether it’s by training new generations of digital justice activists or preventing attacks on rights to privacy and free expression. 

To learn more about how the EFA works, please check out our FAQ page, and to join the fight, please apply to join us.

Learn more about some of our other EFA members in these past profiles:

• Digital Fourth
• Restore the 4th Minnesota
• PDX Privacy interview 
• Restore the Fourth MN interview
• Future ADA interview
• Personal Telco Project interview
• CyPurr Collective interview
• Cryptoparty Ann Arbor interview

 This blog is part of our Year in Review series. Read other articles about the fight for digital rights in 2023.