Screen Shot 2015-07-27 at 12.07.12 PM

Another State Taking On Privacy Legislation

New Hampshire became the ninth state to enact legislation reigning in warrantless law enforcement access to location records generated by cell phones and other electronic devices. Location records show where you are and have been, based on communications between your mobile device and the nearest cellular tower, and other electronic location tracking techniques such as GPS. The New Hampshire legislation prohibits the government from obtaining “location information from an electronic device without a warrant issued by a judge based on probable cause and on a case-by-case basis.”

Read More

Coalition Seeks Revisions to Potentially Restrictive Wassenaar Proposal

A broad coalition of civil society filed comments with the Bureau of Industry and Security (BIS) in the U.S. Department of Commerce on their proposed implementation of new export control rules for “cybersecurity software”. The new controls are intended to prevent the export of digital surveillance tools to nation-state-level actors who plan to use them to spy on their citizens, but also limit the export of encryption technologies.

Read More

Make Your Password Exponentially More Secure

If you’ve used the internet, you’ve probably created a password. There’s a lot of advice out there about creating passwords: use uppercase! use lowercase! Use numbers! Symbols! Don’t use a dictionary word! Use many dictionary words in a passphrase! There is so much advice, and so much of it is conflicting, and often it comes without any explanation. In this post, I’ll detail what a good password is (and why), give you some tools to help remember your password, and give a few other simple ways to help protect your account.

Read More

Graham/Whitehouse Draft Bill Would Make CFAA Worse

Senators Graham and Whitehouse are circulating draft cybercrime legislation, with several provisions modifying the Computer Fraud and Abuse Act (CFAA) – 18 USC 1030, the primary anti-hacking law of the United States. The draft bill is called the “International Cybercrime Prevention Act of 2015″ and aims to crack down on theft of trade secrets and malicious hacking. Overall, the draft bill would exacerbate, not eliminate, the harshness, over breadth, and confusion with the CFAA.

Read More

EU Industry Committee Makes Strides in Protecting the Open Internet

The European Parliament Committee on Industry, Research, and Energy has approved an informal proposal on the Telecoms Single Market regulation. This moves the regulation another step closer to becoming law, with a plenary vote likely sometime this fall. The proposed regulation goes a long way towards protecting the open Internet. Although far from perfect, the agreed-upon text is a significant accomplishment that at times seemed exceedingly unlikely.

Read More

Parliament Adopts Reda Report Calling on Commission to Harmonize and Balance Copyright

In a plenary session, the European Parliament voted yesterday to adopt a report on “the harmonization of certain aspects of copyright and related rights in the information society.” In a previous post, we applauded the report’s recognition of the importance of balanced copyright while lamenting over some the elements of the draft report that failed to make their way into the text adopted by Parliament’s legal affairs committee (JURI). Even with deletions and alterations, the report highlights the need for minimum baseline of copyright limitations and exceptions across the Union. The text of the report remains largely unchanged since its adoption by JURI, but a few late amendments made important improvements to the report.

Read More

Intel Authorization Bill Would Turn Online Service Providers into Law Enforcement Watchdogs

Last week, the Senate Intelligence Committee passed a version of the Intelligence Authorization Act for FY 2016 (S. 1705) that would create a new “duty to report” apparent “terrorist activity” for providers of electronic communication services, which include online content hosts, internet service providers, and public libraries and coffee shops that offer WiFi access. The ramifications of this provision, which was introduced through a secret, closed-door committee process, are immense.

Read More

FBI’s New Crypto Plan: Ditch Legislation, Build Thor’s Magic Hammer

Wednesday there were two Senate Hearings on encryption and law enforcement access. Despite the fact that only 0.1% of wiretaps last year encountered encryption that could not be deciphered, the FBI has been arguing that it is “going dark” – that, increasingly, they encounter communications they can’t get access to, despite having a warrant. It’s clear from today’s hearings that the tide in the encryption debate has shifted: the FBI stated explicitly that it doesn’t have a proposed solution or a legislative proposal, and is punting to the tech industry to provide solutions. However, they’re asking industry to invent something that is intrinsically impossible.

Read More

Internet Lifeline: Making the Connection Without Raising the Privacy Risks

Last week, the FCC took the very important step of proposing modernized rules for helping low-income Americans access critical communications services, without unnecessarily conditioning that access on a ten-year data-retention requirement. As CDT advocated, the FCC made the right call in declining to extend Lifeline’s three-year data-retention period by an additional seven years.

Read More