Related Posts

“The Cyber:”  Everything You Need to Know About Computer Security Research and More

Of all of this attention to cybersecurity issues, however, too little is being paid to arguably the most important constellation in the cyber universe: the thousands of researchers who toil, often in obscurity, to identify and mitigate cybersecurity vulnerabilities. And yet, this research is more important than many of us not in this world can appreciate. We’ve released a comprehensive white paper that we hope will help frame these conversations going forward. Our paper, titled “The Cyber: Hard Questions in the World of Computer Security Research,” takes a deep dive into four areas of focus.

Read More

Trump Tower Claims Debunked, But Overbroad Surveillance Still Cause for Concern

It has now been confirmed by FBI Director Jim Comey, both of Congress’s intelligence committees, and the Speaker of the House that President Trump did not have his “wires tapped” at Trump Tower by the Obama administration prior to the president’s election. But here are some thoughts about why, while the president’s wiretapping claims are without merit, we should still be concerned about how communications intercepted for foreign intelligence purposes can now be shared more broadly across the intelligence and thus possibly misused to target people in the United States who have nothing to do with spying or terrorism.

Read More

CDT provides comments to the NTIA green paper “Fostering the Advancement of the Internet of Things”

This week, the Center for Democracy and Technology (CDT) provided public comments on a National Telecommunications and Information Administration (NTIA) green paper titled “Fostering the Advancement of the Internet of Things (IoT).” CDT applauds the NTIA and its Internet Policy Task Force for the green paper. It provides a comprehensive examination of the key issues that decision-makers in the public and private sectors must grapple with in order to realize the benefits of the IoT, while mitigating security, privacy, and other risks. CDT’s comments supported a proposed risk-based approach to IoT security, suggested development of metrics to assess the costs/losses due to IoT security issues, and urged a greater focus on the unique privacy concerns raised by IoT devices. CDT also cosigned a submission by Rapid 7 supporting the development and implementation of coordinated vulnerability disclosure and handling processes. All public comments can be found at the NTIA website.

Read More

A United Front Against Collecting Passwords at the Border

CDT a letter to the Secretary of Homeland Security. CDT, along with a powerful coalition of civil society groups, academics, technical experts, and tech trade associations, strongly opposes any attempt by the government to collect social media passwords as a condition of entry to the United States. Such an approach would undermine human rights and personal security.

Read More

DIY Digital Security: Self-Assessment Quizzes for All Levels

In preparation for our return to SXSW Interactive this weekend, CDT has developed three cybersecurity self-assessment quizzes tailored to three different audiences: the general public/activist community wishing to ease into effective cybersecurity strategies; businesspeople whose online practices affect not only their own digital security, but that of their company as well; and the “leet” community already well-versed in basic security tools and techniques.

Read More

Demanding Passwords at the Border Would Undermine Human Rights and Personal Security

Based on remarks by the Homeland Security Secretary John Kelly, the U.S. government is considering taking advantage of the vulnerable moment when someone passes through border control to collect social media account passwords of non-citizens. The government cannot have access to people’s passwords simply because they cross the border. Full stop.

Read More

Promising Hearing on Section 702

On Wednesday, March 1, the House Judiciary Committee held a promising hearing to review Section 702 of the Foreign Intelligence Surveillance Act (FISA), which expires on Dec. 31, 2017 unless reauthorized. Section 702 authorizes surveillance targeting non-U.S. persons reasonably believed to be outside the United States if a “primary purpose” of the surveillance is to collect foreign intelligence information. Section 702 surveillance programs were among the more prominent surveillance programs revealed in 2013 by Edward Snowden. After a lengthy, reportedly well-attended classified session with intelligence officials, only a handful of members returned for the open session. But the members who did return made the most of their time; in particular, Representatives Ted Lieu (D-CA), Raul Labrador (R-ID), Ted Poe (R-TX), and Jim Jordan (R-OH) asked many of the right questions and signaled the need for meaningful reforms to 702 to protect civil liberties. Their questions and concerns suggest that Section 702 reauthorizing legislation must include substantial reforms in order to get through the House Judiciary Committee.

Read More

The List-Building Has Begun: How the Tech Sector Should Respond

In a digital age of fluid boundaries between the individual, company, and state, it is imperative that companies defend the rights of their individual customers and take steps — whether in technology design or in institutional policy — to limit disclosure of personal data to the government. The list-building has begun, but companies must not become willing partners.

Read More