Related Insights

LabMD v. FTC: Tackling "Unfair" Data Security Practices in the Eleventh Circuit

The latest skirmish in the nearly seven-year battle between diagnostic testing company LabMD and the FTC begins on Wednesday, June 21st, as oral arguments are held in the Eleventh Circuit Court of Appeals. Oral argument may elucidate thinking around two key questions: (1) What are the contours of a “substantial injury” when evaluating unfair data security practices and how should data security’s costs and benefits be evaluated? and (2) What constitutes fair notice and “ascertainable certainty” of the FTC’s expectations for “reasonable” data security?

Read More

CDT’s Analysis of the European Commission’s proposed ePrivacy Regulation

In general, we support the Commission’s initiative to update and rewrite the ePD. We agree with many of the motivations and intentions behind it. However, we offer a number of observations about the approach taken by the Commission that we suggest should be taken into account as the proposal is considered by the European Parliament and the Council of Ministers.

Read More

Issue Brief: The Time Has Come to Move to HTTPS!

All interactions on the web benefit from protection. People online increasingly face serious risks, from financial fraud and spying and surveillance to malware in downloads and advertisements. On the web, protection is achieved by HTTPS, and now is the time to move your websites from (insecure) HTTP to (secure) HTTPS. It’s easier than you may think, and getting easier every day.

Read More

Response and Recommendations For the Digital Security Commission Act of 2016

CDT has reviewed and prepared recommendations for the Digital Security Commission Act of 2016 (S. 2604/H.R. 4651), sponsored by Senator Mark Warner and Representative Michael McCaul. The Act would establish in the legislative branch the National Commission on Security and Technology Challenges, which would be made up of experts from national security and law enforcement, the technology sector, and the cryptography and privacy and civil liberties communities. Although CDT agrees with the general notion that bringing diverse stakeholders to the table is an important and effective means of solving a problem, CDT cannot support this bill.

Read More

A Big-Apple Judge Sides with Apple: A Breakdown of Magistrate Judge Orenstein’s Opinion

The end of the Apple/FBI case in California is a win for cybersecurity and privacy – but a temporary one. It’s only a matter of time before another judge considers whether or not the All Writs Act can be used to force Apple or another company to weaken the security of its devices in aid of ongoing investigations. In fact, less than a month ago, a New York magistrate judge faced a similar legal question involving an iPhone from a drug trafficking case; his answer was an emphatic “no.” This is CDT’s in-depth breakdown of the opinion, which the government appealed to the District Court.

Read More

CDT Files Brief in Support of Apple

The Center for Democracy & Technology (CDT) has filed an amicus brief in support of Apple in its challenge to the FBI order to unlock the cell phone of an attacker in the San Bernardino shootings. CDT’s brief addresses the inappropriate application of the All Writs Act in an attempt by the government to compel Apple to create a new, less secure operating system for the phone. CDT has long opposed government-mandated backdoors in technology, and believes that strong encryption strengthens the security of our nation.

Read More

Digital Marketing Properties Must Adopt Encryption Best Practices

In the wake of Edward Snowden’s revelations, data is increasingly encrypted both in transit and at rest. On the web, HTTPS – the colloquial term for HTTP traffic encrypted with the TLS protocol – adoption has grown significantly, and there is increasing consensus that HTTPS is critical for a trusted web. In this white paper we lay out CDT’s recommendations on what properly implemented HTTPS entails.

Read More

Is Breaking Web Encryption Legal?

Companies finding ways to subvert Internet encryption have been in the news recently. Last month, in-flight Wifi provider Gogo was caught intercepting encrypted web sessions on YouTube and other video sites in order to throttle high-bandwidth users. And earlier this week, it was revealed that Lenovo was installing adware on laptops that intercepted all encrypted web requests…

Read More
  • 1
  • 2