A New Day for Privacy Dawns in California

California’s passage of AB 375, the California Consumer Privacy Act of 2018, reshapes the conversation about privacy law and regulation in the United States. CDT annotated key issues and concerns in the legislation, and we intend to track how these provisions are debated and potentially changed before January 1, 2020. We highlight five areas of the law that will require additional consideration from legislators, advocates and industry.

Read More

The Privacies of Life

In Carpenter vs. United States, the Supreme Court held that law enforcement is required to obtain a warrant to access historical cell-site location information. In this slow but steady progress, the Court has grappled seriously with how to apply traditional notions of privacy – and limits on government intrusion – to a world in which data is much more easily generated, stored, transferred, and accessed by law enforcement. Unfortunately, the same cannot be said for our privacy protections with respect to commercial entities. Consumers rightfully expect privacy and security for their sensitive digital data regardless of whether it’s in the hands of the government or a private company. It is time for the federal government to establish baseline privacy protections that honor those expectations.

Read More

Protecting Consumers in the Era of IoT – CDT Comments to the Consumer Product Safety Commission

With its recall authority and broad mission to protect consumers, the Consumer Product Safety Commission (CPSC or the Commission) plays an essential role in protecting the public against hazards associated with products such as toys, refrigerators, and lawn mowers. Increasingly, such potential hazards are becoming digital, as products of all kinds incorporate computers and networks to make them “smarter.” As federal agencies explore their role in the digital realm, the CPSC should direct its authority to protecting consumers from the real and growing threats associated with these Internet of Things (IoT) devices.

Read More

New Voting System Vulnerabilities in Congo

The Sentry, an NGO that works to prevent genocide and mass atrocities in Africa, released a detailed analysis of the new system slated for use in the upcoming elections in the Democratic Republic of the Congo. The Sentry worked with Argentinian security researchers Javier Smaldone and Alfredo Ortega and CDT Chief Technologist Joseph Lorenzo Hall to examine what little public information is available about this system. The verdict is not good. A lot of unanswered questions should be addressed before it can be used safely in DRC elections.

Read More

Mega-Merger: Vertical Integration in a Deregulated Environment

The combination of massive vertical integration and deregulation could set off a tectonic shift in the landscape of the internet. Vertically-integrated ISPs will have an even greater incentive to favor their own content and edge providers, and will be better positioned to leverage their control of popular content to effect negotiations with competing services. In a world where a few ISPs control both access and content, protecting the rest of the internet against discriminatory treatment will be crucial to preserve the internet as an open and flat communications network.

Read More

Tech Talk: Habeas Data and the Future of Work

In this episode of Tech Talk, we talking to Cyrus Farivar of Ars Technica about his new book Habeas Data, where he takes a close look at the legal cases and policies that are shaping American surveillance practices. After that, we welcome Aaron Pinto, a Canadian delegate to the G7 youth summit or Y7 who shared his insights on the future of work, highlighting how young leaders from the G7 countries see technology impacting their future.

Read More