GDPR: Avoiding Harms and Expanding Risk

Meaningful protections for individuals’ dignity and personal autonomy demand a broader understanding of privacy risk that considers user expectations and concerns. Privacy risks are not hypothetical, and over and over again, the emergence of these risks are the byproduct of companies discounting the expectations of users while seeing only benefits for themselves. European privacy law flips that script.

Read More

Oakland Shows Leadership in Passing Strong Surveillance Law

Ubiquitous surveillance has the potential to chill speech, limit our freedom of association, and disrupt the personal boundaries we should enjoy, even while in public. The city of Oakland recognized this and has demonstrated great leadership in recently passing a strong surveillance oversight law. The law gives fundamental oversight abilities to Oakland citizens for the technology that could be used by the government to monitor them.

Read More

What the Lower 48 Can Learn About Election Security From Alaska

The state of Alaska understands that security is a practice that requires a cycle of improvement in order to stay ahead of malicious actors and unintended outcomes. On May 10th, the Alaska House State Affairs Committee called a hearing on election security with the goal of examining how the state can continue to maintain the integrity of its election system and the confidence of its voters. Alaska already practices a solid strategy of defense-in-depth to protect its IT systems, and I recommended two-factor authentication as a method to resist phishing attempts, warned of the potentially crippling impacts of ransomware, and identified free services to help ensure that legitimate visitors to the reporting website are not impeded by malicious traffic generated by a DDoS attack.

Read More

Courts Step in to Protect Constitutional Rights at the Border

Twice this week courts have pushed back against suspicionless, warrantless searches of digital devices at the border, in Alassad v. Neilsen in the First Circuit and United States v. Kolsuz in the Fourth Circuit. In both cases plaintiffs argued that warrantless searches of their digital devices at the border violated their Fourth Amendment rights. Alassad survived a motion to dismiss and the the federal appellate court in Kolsuz determined that under the Fourth Amendment, U.S. border authorities cannot search travelers’ cell phones and other electronic devices without individualized suspicion of wrongdoing.

Read More

When Online Dating Met Facebook

At this week’s Facebook Developer Conference, or F8, the social network company announced that it will begin introducing online dating features onto its platform. Its plans are especially intriguing because it effectively merges traditional dating with technology; Facebook can harness social signals used in offline dating – mutual friends, family connections, or school, work, and church networks – while also providing would-be daters the same frictionless experience and abundance of potential choices that characterize the online dating ecosystem. Facebook is promising more information in the months ahead, but incorporating a dating service directly into an existing social network platform raises some privacy and safety questions.

Read More

Ethically Scraping and Accessing Data: Governments Desperately Seeking Data

As cities get smarter, their appetite and access to information is also increasing. The rise of data-generating technologies has given government agencies unprecedented opportunities to harness useful, real-time information about citizens. But governments often lack dedicated expertise and resources to collect, analyze, and ultimately turn such data into actionable information, and so have turned to private-sector companies and academic researchers to get at this information. As the maze of partnerships among public officials, private companies, academics, and independent researchers becomes more tangled, a clear path out of the status quo may be challenging. On-demand platforms, as they continue to disrupt local economies, continue to be a significant flashpoint.

Read More

When Your Internet Won’t Go the Speed Limit: CDT Seeks to File An Amicus Brief in People v. Charter

CDT filed a brief supporting the New York AG’s position in the pending appeal of People v. Charter Communications and Spectrum Management Holding Company, in which we focused on two issues: that the Federal Communications Commission’s Transparency Rule (the only rule slated to survive the net neutrality repeal) should not preempt New York’s consumer protection laws and that consumers are right to expect their broadband speeds to match advertised claims.

Read More