Dear Chair Jackson: The Center for Democracy & Technology supports Senate Bill 327, which mandates certain security features and privacy disclosures for connected devices sold in California. The bill is a critical step towards imbuing Internet of Things (IoT) devices with reasonable privacy and security protections.
In an effort to raise the profile of these issues, the Center for Democracy & Technology, through a generous grant from the Hewlett Foundation, is in the midst of a two-year research project to identify both key policy issues in the world of security research and solutions to problems like the chill security researchers often face from laws.
Broadly speaking, net neutrality rules are the protections that internet users have in their relationship with ISPs. In this context, the rules could be thought of as a Bill of Rights for users, enumerating fundamental individual rights that cannot be infringed upon by ISPs. As defined by the FCC, the three bright-line rules are as follows: No Blocking. No Throttling. No Paid Prioritization.
Connected vehicles have tremendous potential to reshape the transportation landscape – bringing important safety and efficiency benefits but also creating new security and privacy risks. In addition, there are long-standing security and privacy issues that, if not resolved, will be compounded with the continued trends towards greater use of software and connectivity in motor vehicles. Our comments focus on three main issues: the need for secure software, the increasing dependence on critical information infrastructures, and the need for greater transparency around data privacy.
The NSA is stopping a controversial part of its warrantless surveillance conducted under Section 702 of the Foreign Intelligence Surveillance Act (FISA), which permits the targeting of non-U.S. persons outside the U.S. It reportedly abandoned the practice of collecting communications that merely mention an identifier associated with a target, such as an email address or telephone number. This “about” collection swept in many communications that involved Americans. NSA will continue to collect communications to which the target is actually a party. CDT has advocated against this form of untargeted surveillance.