Related Insights

Section 702: Fixing the Backdoor Search Loophole

Although U.S. persons cannot be targeted under Section 702, their communications with non-U.S. persons can be collected and retained for years. The NSA, CIA, and FBI can query 702-acquired information using a U.S.-person identifier, without a warrant or court order. This loophole allows the government to bypass the Fourth Amendment’s protection against warrantless searches.

Read More

LabMD v. FTC: Tackling "Unfair" Data Security Practices in the Eleventh Circuit

The latest skirmish in the nearly seven-year battle between diagnostic testing company LabMD and the FTC begins on Wednesday, June 21st, as oral arguments are held in the Eleventh Circuit Court of Appeals. Oral argument may elucidate thinking around two key questions: (1) What are the contours of a “substantial injury” when evaluating unfair data security practices and how should data security’s costs and benefits be evaluated? and (2) What constitutes fair notice and “ascertainable certainty” of the FTC’s expectations for “reasonable” data security?

Read More

Chris Calabrese’s Testimony Before US House Hearing – “Data Stored Abroad: Ensuring Lawful Access and Privacy Protection in the Digital Era”

Chairman Goodlatte, Ranking Member Conyers, and Members of the Committee: Thank you for the opportunity to testify on behalf of the Center for Democracy & Technology (CDT). CDT is a nonpartisan, nonprofit technology policy advocacy organization dedicated to protecting civil liberties and human rights, including privacy, free speech and access to information. We applaud the Committee for holding a…

Read More

Remarks from Nuala O'Connor at 2017 CDT Annual Dinner

On April 20, 2017, the Center for Democracy & Technology hosted its Annual Dinner, fondly referred to as Tech Prom. At the dinner, CDT’s President & CEO Nuala O’Connor delivered remarks that focused on digital dignity. She highlighted CDT’s advocacy efforts opposing the collection of passwords at the border, supporting strong broadband privacy protections, ensuring free speech rights online, and making the entire internet more secure.

Read More

Comments Re: National Emergency Address Database Privacy and Security Plan PS Docket No. 07-114

In January 2015, CDT joined with other public advocacy organizations to express concerns about the privacy impact of the NEAD. We cautioned that users of networked devices likely do not expect that information about their personal devices and physical address will be stored in a national database that is accessible to multiple parties. In those comments, we offered several recommendations for protecting user privacy including strong limits on third-party access to the database and opt-out mechanisms for individuals.CDT is pleased that the draft NEAD Privacy and Security Plan appears largely to address these concerns. We write now to highlight several aspects of the NEAD Platform that protect privacy and security, and suggest how the plan’s practices might evolve in the future.

Read More

CDT Comments to the NTIA on Fostering the Advancement of the Internet of Things

Though it is likely that the Federal Trade Commission will continue to lead on privacy policy and enforcement, CDT recommends that the NTIA and Department of Commerce continue their ongoing efforts to engage stakeholders and to pursue consensus-based global standards, starting from the premise that the privacy challenges raised by the IoT are novel. The Department is well positioned to highlight efforts within industry to promote privacy, which includes addressing basic Fair Information Practice Principles and adopting privacy by design across the full lifecycle of IoT devices, products, and services.

Read More

Coalition Letter to Secretary Kelly Opposing Collection of Passwords at the Border

A coalition of human rights and civil liberties organizations and trade associations wrote to DHS Secretary Kelly in response to his statement at the House Homeland Security Committee hearing, that the Department of Homeland Security would consider requiring visa applicants to provide log-in information (passwords or other credentials) for their social media accounts.

Read More