Draft Car Safety Bill Goes In The Wrong Direction

A House Energy and Commerce Subcommittee recently released a discussion draft of a bill on vehicle safety. Although the bill is well-intentioned, it includes a troubling section aimed at preventing “motor vehicle hacking.” Sec. 302 of the draft bill would create massive civil penalties – up to $100,000 per violation – for accessing a car’s software without authorization for any reason.

Read More

Cross-Device Tracking Requires Strong Privacy and Security Standards

Users are also being tracked across devices through the use of ultrasonic inaudible audio beacons, which link devices that are close in proximity to one another. Audio beacons are deployed when a user encounters an ad online and the advertiser drops a cookie on the computer while also playing an ultrasonic audio sound through the use of the speakers on the computer or device.

Read More

Always On: Table for Tech

The spirited and passionate dialogue among our recent Table for Tech panelists showcases the range of important questions that remain to be answered about food and data. CDT wants to contribute to a process of establishing rules that promote the public good while preserving self-determination about what, where, and with whom individuals eat. We are excited to dig in.

Read More

Four Myths and Realities: Civil Agencies, Subpoenas, and Digital Content

There is near-universal agreement that the Electronic Communications Privacy Act (ECPA) is in serious need of reform to offer real protections to our digital communications. One of the only barriers that remains is the misguided and dangerous calls from civil agencies for an exception to the warrant requirements reform would establish. Here we debunk the most prevalent myths civil agencies are peddling.

Read More

CDT files joint opposition in support of the FCC’s authority to protect the privacy of Lifeline customers and applicants

Today CDT joined a group of advocacy organizations in filing in a somewhat obscure regulatory proceeding with significant implications for the privacy of every user of telecommunications services. Our filing is an opposition to CTIA — The Wireless Association’s (CTIA) petition for partial reconsideration of the FCC’s most recent Order addressing issues related to its Lifeline program. CTIA’s position is problematic for a number of reasons.

Read More

A Major Win for Privacy: California ECPA Signed into Law

Yesterday, California Governor Jerry Brown signed into law the California Electronic Communications Privacy Act (CalECPA), which enshrines into law a warrant requirement for digital information — including content, location information, and metadata — for California law enforcement agencies. This is a historic win for privacy; we hope that other states and Congress take up the call to modernize protections for electronic data.

Read More

Learn to think like an attacker to stay safe online

It’s National Cyber Security Awareness Month. You’ll be seeing a lot of encouraging words to “be aware” of cybersecurity. But how the heck are we supposed to do that? Cybersecurity done well is ideally something people don’t have to think about! However, a big part of cybersecurity awareness involves being able to estimate and plan accordingly for common threats. In the technical community, we call this threat modeling.

Read More

State Lawmakers Have Options to Protect Your Digital Legacy

As state legislatures prepare for another season, they will be able to choose among several models for updating estate law while preserving users’ control of their digital legacies. CDT played a major role in crafting two of the models that are available this year, and this week the Uniform Law Commission has unveiled a new model that is both privacy protecting and administrable. The updated model makes several meaningful improvements.

Read More

Facebook Should Reform Its “Real Name” Policies

CDT, along with several other advocacy organizations, sent a letter to Facebook urging them to reconsider their “real name” policy that has led to criticism from a variety of groups. While Facebook’s policy is an attempt to correlate one’s online identity with an objective, non-constructed self, you don’t need a doctorate in sociology to understand that in our world, all identities are constructed.

Read More

The EU-US Umbrella Agreement and the Judicial Redress Act: Small Steps Forward for EU Citizens’ Privacy Rights

One of the European Commission’s responses to the Snowden revelations was the swift adoption of the ‘EU-US Umbrella Agreement’. The objective of the Commission is to put in place a high level of data protection when personal information is transferred between the US and an EU country for the purpose of investigating, detecting, or prosecuting a crime. It was recently initialed by EU and US negotiators, pending US Congress adoption of the Judicial Redress Act. We view these developments as limited, but not insignificant improvements on the privacy rights of EU citizens.

Read More