Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
À partir d’avant-hierFlux principal

EFF Opposes the American Privacy Rights Act

Protecting people's privacy is the first step we should take to create meaningful online regulation. That's why EFF has previously expressed concerns about the American Privacy Rights Act (APRA) which, rather than set up strong protections, instead freezes consumer data privacy protections in place, preempts existing state laws, and would prevent states from creating stronger protections in the future

While the bill has not yet been formally introduced, subsequent discussion drafts of the bill have not addressed our concerns; in fact, they've only deepened them. So, earlier this month, EFF told Congress that it opposes APRA and signed two letters to reiterate why overriding stronger state laws—and preventing states from passing stronger laws—hurts everyone.

EFF has a clear position on this: federal privacy laws should not roll back state privacy protections. And there is no reason that we must trade strong state laws for weaker national privacy protection. Companies that collect and use data—and have worked to kill strong state privacy bills time and again— want Congress to believe a "patchwork" of state laws is unworkable for data privacy, even though existing federal privacy and civil rights laws operate as regulatory floors and do not prevent states from enacting and enforcing their own stronger statutes. In a letter opposing the preemption sections of the bill, our allies at the American Civil Liberties Union (ACLU) stated it this way: "the soundest approach to avoid the harms from preemption is to set the federal standard as a national baseline for privacy protections — and not a ceiling." Advocates from ten states signed on to the letter warning how APRA, as written, would preempt dozens of stronger state laws. These include laws protecting AI regulation in Colorado, internet privacy in Maine, healthcare and tenant privacy in New York, and biometric privacy in Illinois, just to name a handful. 

APRA would also override a California law passed to rein in data brokers and replace it with weaker protections. EFF last year joined Privacy Rights Clearinghouse (PRC) and others to support and pass the California Delete Act, which gives people an easy way to delete information held by data brokers. In a letter opposing APRA, several organizations that supported California's law highlighted ways that APRA falls short of what's already on the books in California. "By prohibiting authorized agents, omitting robust transparency and audit requirements, removing stipulated fines, and, fundamentally, preempting stronger state laws, the APRA risks leaving consumers vulnerable to ongoing privacy violations and undermining the progress made by trailblazing legislation like the California Delete Act," the letter said.

EFF continues to advocate for strong privacy legislation and encourages APRA's authors to center strong consumer protections in future drafts.

To view the coalition letter on the preemption provisions of APRA, click here: https://www.eff.org/document/aclu-letter-apra-preemption

To view the coalition letter opposing APRA because of its data broker provisions, click here: https://www.eff.org/document/prc-letter-apra-data-broker-provisions

The Surveillance Showdown That Fizzled

15 décembre 2023 à 15:08

Like the weather rapidly getting colder outside, the fight over renewing, reforming, or sunsetting the mass surveillance power of Section 702 has been put on ice until spring.

In the last week of legislative business before the winter break, Congress was scheduled to consider two very different proposals: H.R. 6570, the Protect Liberty and End Warrantless Surveillance Act in House Judiciary Committee (HJC); and H.R. 6611, the FISA Reform and Reauthorization Act of 2023 in the House Permanent Select Committee on Intelligence (HPSCI), to reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA). However, as the conversation about how to consider these proposals grew heated, both bills have been pulled from the legislative calendar without being rescheduled.

TAKE ACTION

Tell Congress: Defeat HPSCI’s Horrific Surveillance Bill

The legislative authority for Section 702 was set to expire December 31, 2023, though language was added to the National Defense Authorization Act (NDAA) to extend the legislative authority of Section 702 through April 2024. It is disappointing that, despite all of the reported abuses of the Section 702 program, Congress chose to pass a reauthorization bill instead of making the necessary effort to include critical reforms. As advocates for reform, including EFF, said in a letter to Congress in late November, bypassing the discussion around reform by slipping an extension of the law into the defense authorization bill during conference demonstrates a blatant disregard for the civil liberties and civil rights of the American people.

While it is frustrating that Congress ignored the urgent need for significant Section 702 reform before the December 31 deadline, reform advocates should not lose hope. The current stalemate also means that the pro-surveillance hardliners of the intelligence community were not able to jam through their expansion of the program based on the same old scare tactics they’ve used for years. Fortunately, it seems that many members of the House and Senate have heard our message. While renewing any surveillance authority remains a complicated and complex issue, this choice is clear: we continue to urge all Members to oppose the Intelligence Committee’s bill, H.R.6611, the FISA Reform and Reauthorization Act of 2023.

Additionally, in the moments leading up to a possible floor vote, many House members (and some Senators) have made public statements calling for reform. Notably, that list includes the current House Speaker, Mike Johnson, who told Fox News that Section 702 “... was also abused by the FBI, by our own government, over almost 300,000 times between 2020 and 2021, and so the civil liberties of Americans have been jeopardized by that. It must be reformed."

So, while we are disappointed that Congress chose to leave for the holidays without enacting any of these absolutely necessary reforms, we are already making plans to continue this fight in the New Year. We are also grateful for the calls and emails from our members and supporters; these have absolutely made an impact and will be more important than ever in the fight to come. 

TAKE ACTION

Tell Congress: Defeat HPSCI’s Horrific Surveillance Bill

The House Intelligence Committee's Surveillance 'Reform' Bill is a Farce

8 décembre 2023 à 14:41

Earlier this week, both the House Committee on the Judiciary (HJC) and the House Permanent Select Committee on Intelligence (HPSCI) marked up two very different bills (H.R. 6570 - Protect Liberty and End Warrantless Surveillance Act in HJC, and HR 6611, the FISA Reform and Reauthorization Act of 2023 in HPSCI), both of which would reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA)—but in very different ways. Both bills head to the House floor next week under a procedural rule called “Queen of the Hill,” where the bill with the most votes gets sent to the Senate for consideration. 

While renewing any surveillance authority remains a complicated and complex issue, this choice is clear - we urge all Members to vote NO on the Intelligence Committee’s bill, H.R.6611, the FISA Reform and Reauthorization Act of 2023.

Take action

TELL congress: Defeat this bad 702 Bill

On Nov. 16, HPSCI released a report calling for reauthorization of Section 702 with essentially superficial reforms. The bill that followed, H.R. 6611, was as bad as expected. It would renew the mass surveillance authority Section 702 for another eight years. It would create new authorities that the intelligence community has sought for years, but that have been denied by the courts. It would continue the indiscriminate collection of U.S. persons’ communications when they talk with people abroad for use by domestic law enforcement. This was not the intention of this national security program, and people on U.S. soil should not have their communications collected without a warrant because of a loophole.

As a reminder, Section 702 was designed to allow the government to warrantlessly surveil non-U.S. citizens abroad for foreign intelligence purposes. Increasingly, it’s this U.S. side of digital conversations that domestic law enforcement agencies trawl through—all without a warrant. FBI agents have been using the Section 702 databases to conduct millions of invasive searches for Americans’ communications, including those of protesters, racial justice activists, 19,000 donors to a congressional campaign, journalists, and even members of Congress

Additionally, the HPSCI bill authorizes the use of this unaccountable and out-of-control mass surveillance program as a new way of vetting asylum seekers by sifting through their digital communications. According to a newly released Foreign Intelligence Surveillance Court (FISC) opinion, the government has sought some version of this authority for years, but was repeatedly denied it, only receiving court approval for the first time this year. Because the court opinion is so heavily redacted, it is impossible to know the current scope of immigration- and visa-related querying, or what broader proposal the intelligence agencies originally sought. 

This new authority proposes to give immigration services the ability to audit entire communication histories before deciding whether an immigrant can enter the country. This is a particularly problematic situation that could cost someone entrance to the United States based on, for instance, their own or a friend’s political opinions—as happened to a Palestinian Harvard student when his social media account was reviewed when coming to the U.S. to start his semester.

The HPSCI bill also includes a call “to define Electronic Communication Service Provider to include equipment.” Earlier this year, the FISA Court of Review released a highly redacted opinion documenting a fight over the government's attempt to subject an unknown company to Section 702 surveillance. However, the court agreed that under the circumstances the company did not qualify as an "electronic communication service provider" under the law. Now, the HPSCI bill would expand that definition to include a much broader range of providers, including those who merely provide hardware through which people communicate on the Internet. Even without knowing the details of the secret court fight, this represents an ominous expansion of 702's scope, which the committee introduced without any explanation or debate of its necessity. 

By contrast, the House Judiciary Committee bill, H.R. 6570, the Protect Liberty and End Warrantless Surveillance Act, would actually address a major problem with Section 702 by banning warrantless backdoor searches of Section 702 databases for Americans’ communications. This bill would also prohibit law enforcement from purchasing Americans’ data that they would otherwise need a warrant to obtain, a practice that circumvents core constitutional protections. Importantly, this bill would also renew this authority for only three more years, giving Congress another opportunity to revisit how the reforms are implemented and to make further changes if the government is still abusing the program.

EFF has long fought for significant changes to Section 702. By the government’s own numbers, violations are still occurring at a rate of more than 4,000 per year. Our government, with the FBI in the lead, has come to treat Section 702—enacted by Congress for the surveillance of foreigners on foreign soil —as a domestic surveillance program of Americans. This simply cannot be allowed to continue. While we will continue to push for further reforms to Section 702, we urge all members to reject the HPSCI bill.

Hit the button below to tell your elected officials to vote against this bill:

Take action

TELL congress: Defeat this bad 702 Bill

Related Cases: 

The Government Surveillance Reform Act Would Rein in Some of the Worst Abuses of Section 702

With Section 702 of the Foreign Intelligence Surveillance Act (FISA) set to expire at the end of the year, Congress is considering whether to reauthorize the law and if so, whether to make any necessary amendments to the invasive surveillance authority. 

While Section 702 was first sold as a tool necessary to stop foreign terrorists, it has since become clear that the government uses the communications it collects under this law as a domestic intelligence source. The program was intended to collect communications of people outside of the United States, but because we live in an increasingly globalized world, the government retains a massive trove of communications between people overseas on U.S. persons. Increasingly, it’s this U.S. side of digital conversations that are being routinely sifted through by domestic law enforcement agencies—all without a warrant. 

The congressional authorization for Section 702 expires in December 2023, and it’s in light of the current administration’s attempts to renew this authority that we demand that Congress must not reauthorize Section 702 without reforms. It’s more necessary than ever to pass reforms that prevent longstanding and widespread abuses of the program and that advance due process for everyone who communicates online.

U.S. Senators Ron Wyden, and Sen. Mike Lee, with cosponsors Senators Tammy Baldwin, Steve Daines, Mazie Hirono, Cynthia Lummis, Jon Tester, Elizabeth Warren, and Edward Markey, along with Representatives Zoe Lofren, Warren Davidson have introduced the Government Surveillance Reform Act that would reauthorize Section 702 with many of these important safeguards in place.

EFF supports this bill and encourages Congress to implement these critical measures:

Government Queries of Section 702 Databases

Under the Fourth Amendment, when the FBI or other law enforcement entity wants to search your emails, it must convince a judge there’s reason to believe your emails will contain evidence of a crime. But because of the way the NSA implements Section 702, communications from innocent Americans are routinely collected and stored in government databases, which are accessible to the FBI, the CIA, and the National Counterterrorism Center.

So instead of having to get a warrant to collect this data, it’s already in government servers. And the government currently decides for itself whether it can look through (“query”) its databases for Americans’ communications—decisions which it regularly makes incorrectly, even according to the Foreign Intelligence Surveillance Court. Requiring a judge to examine the government’s claims when it wants to query its Section 702 databases for Americans’ communications isn’t just a matter of standards: it’s about ensuring government officials don’t get to decide themselves whether they can compromise Americans’ privacy in their most sensitive and intimate communications.

The Government Surveillance Reform Act would prohibit warrantless queries of information collected under Section 702 to find communications or certain information of or about U.S. persons or persons located in the United States. Importantly, this prohibition would also include geolocation information, web browsing, and internet search history.

Holding the Government Accountable

A cornerstone of our legal system is that if someoneincluding the governmentviolates your rights, you can use the courts to hold them accountable if you can show that you were affected, i.e. that you have standing.

But, in multiple cases, courts interpreting an evidentiary provision in FISA have prevented Americans who alleged injuries from Section 702 surveillance from obtaining judicial review of the surveillance’s legality. The effect is a one-way ratchet that has “created a broad national-security exception to the Constitution that allows all Americans to be spied upon by their government while denying them any viable means of challenging that spying.”

Section 210 of the Government Surveillance Reform Act would change this. This provision says that if a U.S. person has a reasonable basis to believe that their rights have been, are being, or imminently will be violated, they have suffered an “injury in fact” and they have standing to bring their case. It also clarifies that courts should follow FISA’s provision for introducing and weighing evidence of surveillance. These are critical protections in preventing government overreach, and Congress should not reauthorize Section 702 without this provision.

Criminal Notice

Another important safeguard in the American legal system is the right of defendants in criminal cases to know how the evidence against them was obtained and to challenge the legality of how it was collected.

Under FISA as written, the government must disclose when it intends to use evidence it has collected under Section 702 in criminal prosecutions. But in the fifteen years since Congress enacted Section 702, the government has only provided notice to eleven criminal defendants of such intent—and has provided notice to zero defendants in the last five years.

Section 204 of the Government Surveillance Reform Act would clarify that the government is required to notify defendants whenever it would not have had any evidence “but for” Section 702 or other FISA surveillance. This is a common-sense rule, and Congress cannot reauthorize Section 702 without clarifying the government’s duty to disclose evidence collected under Section 702.

Government Surveillance Reform Act

Section 702 expires in December 2023, and Congress should not renew this program without serious consideration of the past abuses of the program and without writing in robust safeguards.

EFF applauds the Government Surveillance Reform Act, which recognizes the need to make these vital reforms, and many more, to Section 702. Requiring court approval of government queries for Americans’ communications in Section 702 databases, allowing Americans who have suffered injuries from Section 702 surveillance to use the evidentiary provisions FISA sets forth, and strengthening the government’s duties to provide notice when using data resulting from Section 702 surveillance in criminal prosecutions must serve as priorities for Congress as it considers reauthorizing Section 702.

 

Take action

TELL congress: End 702 Absent serious reforms

EFF, ACLU and 59 Other Organizations Demand Congress Protect Digital Privacy and Free Speech

26 septembre 2023 à 16:50

Earlier this week, EFF joined the ACLU and 59 partner organizations to send a letter to Senate Majority Leader Chuck Schumer urging the Senate to reject the STOP CSAM Act. This bill threatens encrypted communications and free speech online, and would actively harm LGBTQ+ people, people seeking reproductive care, and many others. EFF has consistently opposed this legislation. This bill has unacceptable consequences for free speech, privacy, and security that will affect how we connect, communicate, and organize.

TAKE ACTION

TELL CONGRESS NOT TO OUTLAW ENCRYPTED APPS

The STOP CSAM Act, as amended, would lead to censorship of First Amendment protected speech, including speech about reproductive health, sexual orientation and gender identity, and personal experiences related to gender, sex, and sexuality. Even today, without this bill, platforms regularly remove content that has vague ties to sex or sexuality for fear of liability. This would only increase if STOP CSAM incentivized apps and websites to exercise a heavier hand at content moderation.

If enacted, the STOP CSAM Act will also make it more difficult to communicate using end-to-end encryption. End-to-end encrypted communications cannot be read by anyone but the sender or recipient — that means authoritarian governments, malicious third parties, and the platforms themselves can’ read user messages. Offering encrypted services could open apps and websites up to liability, because a court could find that end-to-end encryption services are likely to be used for CSAM, and that merely offering them is reckless.

Congress should not pass this law, which will undermine security and free speech online. Existing law already requires online service providers who have actual knowledge of CSAM on their platforms to report that content to the National Center for Missing and Exploited Children (NCMEC), a quasi-government entity that works closely  with law enforcement agencies. Congress and the FTC have many tools already at their disposal to tackle CSAM, some of which are not used. 

❌
❌