Skip to main content

Home/ Open Web/ Group items tagged legislation

Rss Feed Group items tagged

Paul Merrell

Net Neutrality Revisited, and More from CRS | - 0 views

  • The Congressional Research Service produced a newly updated report on the subject, suggesting that congressional intervention might be appropriate.

    “The FCC’s move to reexamine its existing open Internet rules has reopened the debate over whether Congress should consider a more comprehensive measure to amend existing law to provide greater regulatory stability and guidance to the FCC,” the CRS report said, adding that whether Congress would do so “remains to be seen.”  See The Net Neutrality Debate: Access to Broadband Networks, updated November 22, 2017.

Paul Merrell

Open Access Can't Wait. Pass FASTR Now. | Electronic Frontier Foundation - 0 views

  • When you pay for federally funded research, you should be allowed to read it. That’s the idea behind the Fair Access to Science and Technology Research Act (S.1701, H.R.3427), which was recently reintroduced in both houses of Congress.

    FASTR was first introduced in 2013, and while it has strong support in both parties, it has never gained enough momentum to pass. We need to change that. Let’s tell Congress that passing an open access law should be a top priority.

  • Tell Congress: It’s time to move FASTR

    The proposal is pretty simple: Under FASTR, every federal agency that spends more than $100 million on grants for research would be required to adopt an open access policy. The bill gives each agency flexibility to implement an open access policy suited to the work it funds, so long as research is available to the public after an “embargo period” of a year or less.

    One of the major points of contention around FASTR is how long that embargo period should be. Last year, the Senate Homeland Security and Governmental Affairs Committee approved FASTR unanimously, but only after extending that embargo period from six months to 12, putting FASTR in line with the 2013 White House open access memo. That’s the version that was recently reintroduced in the Senate.  The House bill, by contrast, sets the embargo period at six months.

    EFF supports a shorter period. Part of what’s important about open access is that it democratizes knowledge: when research is available to the public, you don’t need expensive journal subscriptions or paid access to academic databases in order to read it. A citizen scientist can use and build on the same body of knowledge as someone with institutional connections. But in the fast-moving world of scientific research, 12 months is an eternity.

    A shorter embargo is far from a radical proposition, especially in 2017. The landscape for academic publishing is very different from what it was when FASTR was first introduced, thanks in larger part to nongovernmental funders who already enforce open access mandates.

  • Just last year, the Gates Foundation made headlines when it dropped the embargo period from its policy entirely, requiring that research be published openly immediately. After a brief standoff, major publishers began to accommodate Gates’ requirements. As a result, we finally have public confirmation of what we’ve always known: open access mandates don’t put publishers out of business; they push them to modernize their business models. Imagine how a strong open access mandate for government-funded research—with a requirement that that research be licensed openly—could transform publishing.

    FASTR may not be that law, but it’s a huge step in the right direction, and it’s the best option on the table today. Let’s urge Congress to pass a version of FASTR with an embargo period of six months or less, and then use it as a foundation for stronger open access in the future.

Paul Merrell

White House, Intel Chiefs Want To Make Digital Spying Law Permanent | HuffPost - 0 views

  • The White House and U.S. intelligence chiefs Wednesday backed making permanent a law that allows for the collection of digital communications of foreigners overseas, escalating a fight in Congress over privacy and security.

    The law, enshrined in Section 702 of the Foreign Intelligence Surveillance Act, is due to expire on December 31 unless Congress votes to reauthorize it, but is considered vital by U.S. intelligence agencies.

    Privacy advocates have criticized the law though for allowing the incidental collection of data belonging to millions of Americans without a search warrant.

    The push to make the law permanent may lead to a contentious debate over renewal of Section 702 in Congress, where lawmakers in both parties are deeply divided over whether to adopt transparency and oversight reforms

  • Reuters reported in March that the Trump administration supported renewal of Section 702 without any changes, citing an unnamed White House official, but it was not clear at the time whether it wanted the law made permanent.
Paul Merrell

Internet users raise funds to buy lawmakers' browsing histories in protest | TheHill - 0 views

  • Great news! The House just voted to pass SJR34. We will finally be able to buy the browser history of all the Congresspeople who voted to sell our data and privacy without our consent!” he wrote on the fundraising page.

    Another activist from Tennessee has raised more than $152,000 from more than 9,800 people.

    A bill on its way to President Trump’s desk would allow internet service providers (ISPs) to sell users’ data and Web browsing history. It has not taken effect, which means there is no growing history data yet to purchase.

    A Washington Post reporter also wrote it would be possible to buy the data “in theory, but probably not in reality.”

    A former enforcement bureau chief at the Federal Communications Commission told the newspaper that most internet service providers would cover up this information, under their privacy policies. If they did sell any individual's personal data in violation of those policies, a state attorney general could take the ISPs to court.

Paul Merrell

A New Era of Mass Surveillance is Emerging Across Europe | Just Security - 0 views

  • The world was a different place when, in October 2015, the Court of Justice of the European Union (CJEU) struck down the “Safe Harbour” data-sharing agreement that allowed the transfer of European citizens’ data to the US. The Court’s decision concluded that the indiscriminate nature of the surveillance programs carried out by U.S. intelligence agencies, exposed two years earlier by NSA-contractor-turned-whistleblower Edward Snowden, had made it impossible to ensure that the personal data of E.U. citizens would be adequately protected when shared with American companies. The ruling thus served to further solidify the long-standing conventional wisdom that Continental Europe is better at protecting privacy than America.

    However, Europe’s ability to continue to take this moral high ground is rapidly declining. In recent months, and in the wake of a series of terrorist attacks across Europe, Germany, France and the United Kingdom — Europe’s biggest superpowers — have passed laws granting their surveillance agencies virtually unfettered power to conduct bulk interception of communications across Europe and beyond, with limited to no effective oversight or procedural safeguards from abuse.

Paul Merrell

Shaking My Head - Medium - 0 views

  • Last month, at the request of the Department of Justice, the Courts approved changes to the obscure Rule 41 of the Federal Rules of Criminal Procedure, which governs search and seizure. By the nature of this obscure bureaucratic process, these rules become law unless Congress rejects the changes before December 1, 2016.

    Today I, along with my colleagues Senators Paul from Kentucky, Baldwin from Wisconsin, and Daines and Tester from Montana, am introducing the Stopping Mass Hacking (SMH) Act (bill, summary), a bill to protect millions of law-abiding Americans from a massive expansion of government hacking and surveillance. Join the conversation with #SMHact.

  • For law enforcement to conduct a remote electronic search, they generally need to plant malware in — i.e. hack — a device. These rule changes will allow the government to search millions of computers with the warrant of a single judge. To me, that’s clearly a policy change that’s outside the scope of an “administrative change,” and it is something that Congress should consider. An agency with the record of the Justice Department shouldn’t be able to wave its arms and grant itself entirely new powers.
  • These changes say that if law enforcement doesn’t know where an electronic device is located, a magistrate judge will now have the the authority to issue a warrant to remotely search the device, anywhere in the world. While it may be appropriate to address the issue of allowing a remote electronic search for a device at an unknown location, Congress needs to consider what protections must be in place to protect Americans’ digital security and privacy. This is a new and uncertain area of law, so there needs to be full and careful debate. The ACLU has a thorough discussion of the Fourth Amendment ramifications and the technological questions at issue with these kinds of searches.

    The second part of the change to Rule 41 would give a magistrate judge the authority to issue a single warrant that would authorize the search of an unlimited number — potentially thousands or millions — of devices, located anywhere in the world. These changes would dramatically expand the government’s hacking and surveillance authority. The American public should understand that these changes won’t just affect criminals: computer security experts and civil liberties advocates say the amendments would also dramatically expand the government’s ability to hack the electronic devices of law-abiding Americans if their devices were affected by a computer attack. Devices will be subject to search if their owners were victims of a botnet attack — so the government will be treating victims of hackin

  • ...1 more annotation...
  • As the Center on Democracy and Technology has noted, there are approximately 500 million computers that fall under this rule. The public doesn’t know nearly enough about how law enforcement executes these hacks, and what risks these types of searches will pose. By compromising the computer’s system, the search might leave it open to other attackers or damage the computer they are searching.

    Don’t take it from me that this will impact your security, read more from security researchers Steven Bellovin, Matt Blaze and Susan Landau.

    Finally, these changes to Rule 41 would also give some types of electronic searches different, weaker notification requirements than physical searches. Under this new Rule, they are only required to make “reasonable efforts” to notify people that their computers were searched. This raises the possibility of the FBI hacking into a cyber attack victim’s computer and not telling them about it until afterward, if at all.

Paul Merrell

In Hearing on Internet Surveillance, Nobody Knows How Many Americans Impacted in Data C... - 0 views

  • The Senate Judiciary Committee held an open hearing today on the FISA Amendments Act, the law that ostensibly authorizes the digital surveillance of hundreds of millions of people both in the United States and around the world. Section 702 of the law, scheduled to expire next year, is designed to allow U.S. intelligence services to collect signals intelligence on foreign targets related to our national security interests. However—thanks to the leaks of many whistleblowers including Edward Snowden, the work of investigative journalists, and statements by public officials—we now know that the FISA Amendments Act has been used to sweep up data on hundreds of millions of people who have no connection to a terrorist investigation, including countless Americans.

    What do we mean by “countless”? As became increasingly clear in the hearing today, the exact number of Americans impacted by this surveillance is unknown. Senator Franken asked the panel of witnesses, “Is it possible for the government to provide an exact count of how many United States persons have been swept up in Section 702 surveillance? And if not the exact count, then what about an estimate?”

  • Elizabeth Goitein, the Brennan Center director whose articulate and thought-provoking testimony was the highlight of the hearing, noted that at this time an exact number would be difficult to provide. However, she asserted that an estimate should be possible for most if not all of the government’s surveillance programs.

    None of the other panel participants—which included David Medine and Rachel Brand of the Privacy and Civil Liberties Oversight Board as well as Matthew Olsen of IronNet Cybersecurity and attorney Kenneth Wainstein—offered an estimate.

    Today’s hearing reaffirmed that it is not only the American people who are left in the dark about how many people or accounts are impacted by the NSA’s dragnet surveillance of the Internet. Even vital oversight committees in Congress like the Senate Judiciary Committee are left to speculate about just how far-reaching this surveillance is. It's part of the reason why we urged the House Judiciary Committee to demand that the Intelligence Community provide the public with a number. 

  • The lack of information makes rigorous oversight of the programs all but impossible. As Senator Franken put it in the hearing today, “When the public lacks even a rough sense of the scope of the government’s surveillance program, they have no way of knowing if the government is striking the right balance, whether we are safeguarding our national security without trampling on our citizens’ fundamental privacy rights. But the public can’t know if we succeed in striking that balance if they don’t even have the most basic information about our major surveillance programs." 

    Senator Patrick Leahy also questioned the panel about the “minimization procedures” associated with this type of surveillance, the privacy safeguard that is intended to ensure that irrelevant data and data on American citizens is swiftly deleted.

    Senator Leahy asked the panel: “Do you believe the current minimization procedures ensure that data about innocent Americans is deleted? Is that enough?” 

    David Medine, who recently announced his pending retirement from the Privacy and Civil Liberties Oversight Board, answered unequivocally:

  • ...2 more annotations...
  • Senator Leahy, they don’t. The minimization procedures call for the deletion of innocent Americans’ information upon discovery to determine whether it has any foreign intelligence value. But what the board’s report found is that in fact information is never deleted. It sits in the databases for 5 years, or sometimes longer. And so the minimization doesn’t really address the privacy concerns of incidentally collected communications—again, where there’s been no warrant at all in the process… In the United States, we simply can’t read people’s emails and listen to their phone calls without court approval, and the same should be true when the government shifts its attention to Americans under this program.

    One of the most startling exchanges from the hearing today came toward the end of the session, when Senator Dianne Feinstein—who also sits on the Intelligence Committee—seemed taken aback by Ms. Goitein’s mention of “backdoor searches.” 

  • Feinstein: Wow, wow. What do you call it? What’s a backdoor search?

    Goitein: Backdoor search is when the FBI or any other agency targets a U.S. person for a search of data that was collected under Section 702, which is supposed to be targeted against foreigners overseas.

    Feinstein: Regardless of the minimization that was properly carried out.

    Goitein: Well the data is searched in its unminimized form. So the FBI gets raw data, the NSA, the CIA get raw data. And they search that raw data using U.S. person identifiers. That’s what I’m referring to as backdoor searches.

    It’s deeply concerning that any member of Congress, much less a member of the Senate Judiciary Committee and the Senate Intelligence Committee, might not be aware of the problem surrounding backdoor searches. In April 2014, the Director of National Intelligence acknowledged the searches of this data, which Senators Ron Wyden and Mark Udall termed “the ‘back-door search’ loophole in section 702.” The public was so incensed that the House of Representatives passed an amendment to that year's defense appropriations bill effectively banning the warrantless backdoor searches. Nonetheless, in the hearing today it seemed like Senator Feinstein might not recognize or appreciate the serious implications of allowing U.S. law enforcement agencies to query the raw data collected through these Internet surveillance programs. Hopefully today’s testimony helped convince the Senator that there is more to this topic than what she’s hearing in jargon-filled classified security briefings.

  •  
    The 4th Amendment: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and *particularly describing the place to be searched, and the* persons or *things to be seized."*

    So much for the particularized description of the place to be searched and the thngs to be seized.  Fah! Who needs a Constitution, anyway .... 
Paul Merrell

After Paris Attacks, French Cops Want to Block Tor and Forbid Free Wi-Fi | Motherboard - 0 views

  • After the recent Paris terror attacks, French law enforcement wants to have several powers added to a proposed law, including the move to forbid and block the use of the Tor anonymity network, according to an internal document from the Ministry of Interior seen by French newspaper Le Monde.

    That document talks about two proposed pieces of legislation, one around the state of emergency, and the other concerning counter-terrorism.

    Regarding the former, French law enforcement wish to “Forbid free and shared wi-fi connections” during a state of emergency. This comes from a police opinion included in the document: the reason being that it is apparently difficult to track individuals who use public wi-fi networks.

    As the latter, law enforcement would like “to block or forbid communications of the Tor network.” The legislation, according to Le Monde, could be presented as early as January 2016.

Paul Merrell

Activists send the Senate 6 million faxes to oppose cyber bill - CBS News - 0 views

  • Activists worried about online privacy are sending Congress a message with some old-school technology: They're sending faxes -- more than 6.2 million, they claim -- to express opposition to the Cybersecurity Information Sharing Act (CISA).

    Why faxes? "Congress is stuck in 1984 and doesn't understand modern technology," according to the campaign Fax Big Brother.

    The week-long campaign was organized by the nonpartisan Electronic Frontier Foundation, the group Access and Fight for the Future, the activist group behind the major Internet protests that helped derail a pair of anti-piracy bills in 2012. It also has the backing of a dozen groups like the ACLU, the American Library Association, National Association of Criminal Defense Lawyers and others.

  • CISA aims to facilitate information sharing regarding cyberthreats between the government and the private sector. The bill gained more attention following the massive hack in which the records of nearly 22 million people were stolen from government computers.

    "The ability to easily and quickly share cyber attack information, along with ways to counter attacks, is a key method to stop them from happening in the first place," Sen. Dianne Feinstein, D-California, who helped introduce CISA, said in a statement after the hack.

    Senate leadership had planned to vote on CISA this week before leaving for its August recess. However, the bill may be sidelined for the time being as the Republican-led Senate puts precedent on a legislative effort to defund Planned Parenthood.

    Even as the bill was put on the backburner, the grassroots campaign to stop it gained steam. Fight for the Future started sending faxes to all 100 Senate offices on Monday, but the campaign really took off after it garnered attention on the website Reddit and on social media.

    The faxed messages are generated by Internet users who visit faxbigbrother.com or stopcyberspying.com -- or who simply send a message via Twitter with the hashtag #faxbigbrother. To send all those faxes, Fight for the Future set up a dedicated server and a dozen phone lines and modems they say are capable of sending tens of thousands of faxes a day.

  • Fight for the Future told CBS News that it has so many faxes queued up at this point, that it may take months for Senate offices to receive them all, though the group is working on scaling up its capability to send them faster. They're also limited by the speed at which Senate offices can receive them.
  •  
    From an Fight For the Future mailing: "Here's the deal: yesterday the Senate delayed its expected vote on CISA, the Cybersecurity Information Sharing Act that would let companies share your private information--like emails and medical records--with the government.

    "The delay is good news; but it's a delay, not a victory.

    "We just bought some precious extra time to fight CISA, but we need to use it to go big like we did with SOPA or this bill will still pass. Even if we stop it in September, they'll try again after that.

    "The truth is that right now, things are looking pretty grim. Democrats and Republicans have been holding closed-door meetings to work out a deal to pass CISA quickly when they return from recess.

    "Right before the expected Senate vote on CISA, the Obama Administration endorsed the bill, which means if Congress passes it, the White House will definitely sign it. 

    "We've stalled and delayed CISA and bills like it nearly half a dozen times, but this month could be our last chance to stop it for good."

    See also http://tumblr.fightforthefuture.org/post/125953876003/senate-fails-to-advance-cisa-before-recess-amid (;)
    http://www.cbsnews.com/news/activists-send-the-senate-6-million-faxes-to-oppose-cyber-bill/ (;)
    http://www.npr.org/2015/08/04/429386027/privacy-advocates-to-senate-cyber-security-bill (.)
Paul Merrell

Senate majority whip: Cyber bill will have to wait until fall | TheHill - 0 views

  • Senate Majority Whip John Cornyn (R-Texas) on Tuesday said the upper chamber is unlikely to move on a stalled cybersecurity bill before the August recess.

    Senate Republican leaders, including Cornyn, had been angling to get the bill — known as the Cybersecurity Information Sharing Act (CISA) — to the floor this month.

    ADVERTISEMENT
    But Cornyn said that there is simply too much of a time crunch in the remaining legislative days to get to the measure, intended to boost the public-private exchange of data on hackers.  

    “I’m sad to say I don’t think that’s going to happen,” he told reporters off the Senate floor. “The timing of this is unfortunate.”

    “I think we’re just running out time,” he added.

    An aide for Senate Majority Leader Mitch McConnell (R-Ky.) said he had not committed to a specific schedule after the upper chamber wraps up work in the coming days on a highway funding bill.

    Cornyn said Senate leadership will look to move on the bill sometime after the legislature returns in September from its month-long break.

  • The move would delay yet again what’s expected to be a bruising floor fight about government surveillance and digital privacy rights.

    “[CISA] needs a lot of work,” Sen. Patrick Leahy (D-Vt.), who currently opposes the bill, told The Hill on Tuesday. “And when it comes up, there’s going to have to be a lot of amendments otherwise it won’t pass.”

    Despite industry support, broad bipartisan backing, and potentially even White House support, CISA has been mired in the Senate for months over privacy concerns.

    Civil liberties advocates worry the bill would create another venue for the government’s intelligence wing to collect sensitive data on Americans only months after Congress voted to rein in surveillance powers.

    But industry groups and many lawmakers insist a bolstered data exchange is necessary to better understand and counter the growing cyber threat. Inaction will leave government and commercial networks exposed to increasingly dangerous hackers, they say.

    Sen. Ron Wyden (D-Ore.), who has been leading the chorus opposing the bill, rejoiced Tuesday after hearing of the likely delay.

  • “I really want to commend the advocates for the tremendous grassroots effort to highlight the fact that this bill was badly flawed from a privacy standpoint,” he told The Hill.

    Digital rights and privacy groups are blanketing senators’ offices this week with faxes and letters in an attempt to raise awareness of bill’s flaws.

    “Our side has picked up an enormous amount of support,” Wyden said.

    Wyden was the only senator to vote against CISA in the Senate Intelligence Committee. The panel approved the measure in March by a 14-1 vote and it looked like CISA was barrelling toward the Senate floor.

    After the House easily passed its companion pieces of legislation, CISA’s odds only seemed better.

    But the measure got tied up in the vicious debate over the National Security Agency's (NSA) spying powers that played out throughout April and May.

    “It’s like a number of these issues, in the committee the vote was 14-1, everyone says, ‘oh, Ron Wyden opposes another bipartisan bill,’” Wyden said Tuesday. “And I said, ‘People are going to see that this is a badly flawed bill.’”

  • ...2 more annotations...
  • CISA backers hoped that the ultimate vote to curb the NSA’s surveillance authority might quell some of the privacy fears surrounding CISA, clearing a path to passage. But numerous budget debates and the Iranian nuclear deal have chewed up much of the Senate’s floor time throughout June and July.  

    Following the devastating hacks at the Office of Personnel Management (OPM), Senate Republican leaders tried to jump CISA in the congressional queue by offering its language as an amendment to a defense authorization bill.

    Democrats — including the bill’s original co-sponsor Sen. Dianne Feinstein (D-Calif.) — revolted, angry they could not offer amendments to CISA’s language before it was attached to the defense bill.

    Cornyn on Tuesday chastised Democrats for stalling a bill that many of them favor.

    “As you know, Senate Democrats blocked that before on the defense authorization bill,” Cornyn said. “So we had an opportunity to do it then.”

    Now it’s unclear when the Senate will have another opportunity.

    When it does, however, CISA could have the votes to get through.

  • There will be vocal opposition from senators like Wyden and Leahy, and potentially from anti-surveillance advocates like Sens. Rand Paul (R-Ky.), Mike Lee (R-Utah) and Dean Heller (R-Nev.).

    But finding 40 votes to block the bill completely will be a difficult task.

    Wyden said he wouldn’t “get into speculation” about whether he could gather the support to stop CISA altogether.

    “I’m pleased about the progress that we’ve made,” he said.

  •  
    NSA and crew decide to delay and try later with CISA. The Internet strikes back again.
Paul Merrell

CISPA is back! - 0 views

  • OPERATION: Fax Big Brother

    Congress is rushing toward a vote on CISA, the worst spying bill yet. CISA would grant sweeping legal immunity to giant companies like Facebook and Google, allowing them to do almost anything they want with your data. In exchange, they'll share even more of your personal information with the government, all in the name of "cybersecurity." CISA won't stop hackers — Congress is stuck in 1984 and doesn't understand modern technology. So this week we're sending them thousands of faxes — technology that is hopefully old enough for them to understand.

    Stop CISA. Send a fax now!

  • (Any tweet w/ #faxbigbrother will get faxed too!)

    Your email is only shown in your fax to Congress. We won't add you to any mailing lists.

  • CISA: the dirty deal between government and corporate giants.

    It's the dirty deal that lets much of government from the NSA to local police get your private data from your favorite websites and lets them use it without due process.

    The government is proposing a massive bribe—they will give corporations immunity for breaking virtually any law if they do so while providing the NSA, DHS, DEA, and local police surveillance access to everyone's data in exchange for getting away with crimes, like fraud, money laundering, or illegal wiretapping.

    Specifically it incentivizes companies to automatically and simultaneously transfer your data to the DHS, NSA, FBI, and local police with all of your personally-indentifying information by giving companies legal immunity (notwithstanding any law), and on top of that, you can't use the Freedom of Information Act to find out what has been shared.

  • ...1 more annotation...
  • The NSA and members of Congress want to pass a "cybersecurity" bill so badly, they’re using the recent hack of the Office of Personnel Management as justification for bringing CISA back up and rushing it through. In reality, the OPM hack just shows that the government has not been a good steward of sensitive data and they need to institute real security measures to fix their problems. The truth is that CISA could not have prevented the OPM hack, and no Senator could explain how it could have. Congress and the NSA are using irrational hysteria to turn the Internet into a place where the government has overly broad, unchecked powers.

    Why Faxes?

    Since 2012, online and civil liberties groups and 30,000+ sites have driven more than 2.6 million emails and hundreds of thousands of calls, tweets and more to Congress opposing overly broad cybersecurity legislation. Congress has tried to pass CISA in one form or another 4 times, and they were beat back every time by people like you. It's clear Congress is completely out of touch with modern technology, so this week, as Congress rushes toward a vote on CISA, we are going to send them thousands of faxes, a technology from the 1980s that is hopefully antiquated enough for them to understand.

    Sending a fax is super easy — you can use this page to send a fax. Any tweet with the hashtag #faxbigbrother will get turned into a fax to Congress too, so what are you waiting for? Click here to send a fax now!

Paul Merrell

Sloppy Cyber Threat Sharing Is Surveillance by Another Name | Just Security - 0 views

  • Imagine you are the target of a phishing attack: Someone sends you an email attachment containing malware. Your email service provider shares the attachment with the government, so that others can configure their computer systems to spot similar attacks. The next day, your provider gets a call. It’s the Department of Homeland Security (DHS), and they’re curious. The malware appears to be from Turkey. Why, DHS wants to know, might someone in Turkey be interested in attacking you? So, would your email company please share all your emails with the government? Knowing more about you, investigators might better understand the attack.

    Normally, your email provider wouldn’t be allowed to give this information over without your consent or a search warrant. But that could soon change. The Senate may soon make another attempt at passing the Cybersecurity Information Sharing Act, a bill that would waive privacy laws in the name of cybersecurity. In April, the US House of Representatives passed by strong majorities two similar “cyber threat” information sharing bills. These bills grant companies immunity for giving DHS information about network attacks, attackers, and online crimes.

  • Sharing information about security vulnerabilities is a good idea. Shared vulnerability data empowers other system operators to check and see if they, too, have been attacked, and also to guard against being similarly attacked in the future. I’ve spent most of my career fighting for researchers’ rights to share this kind of information against threats from companies that didn’t want their customers to know their products were flawed.

    But, these bills gut legal protections against government fishing expeditions exactly at a time when individuals and Internet companies need privacy laws to get stronger, not weaker. 

  • Worse, the bills aren’t needed. Private companies share threat data with each other, and even with the government, all the time. The threat data that security professionals use to protect networks from future attacks is a far more narrow category of information than those included in the bills being considered by Congress, and will only rarely contain private information.

    And none of the recent cyberattacks — not Sony, not Target, and not the devastating grab of sensitive background check interviews on government employees at the Office of Personnel Management — would have been mitigated by these bills.

Paul Merrell

Lawmakers want Internet sites to flag 'terrorist activity' to law enforcement - The Was... - 0 views

  • Social media sites such as Twitter and YouTube would be required to report videos and other content posted by suspected terrorists to federal authorities under legislation approved this past week by the Senate Intelligence Committee.

    The measure, contained in the 2016 intelligence authorization, which still has to be voted on by the full Senate, is an effort to help intelligence and law enforcement officials detect threats from the Islamic State and other terrorist groups.

  •  
    Chipping away at the First Amendment. 
Paul Merrell

Rally your friends to support the #USAFreedomAct! - Take Action - Google - 0 views

  • The House of Representatives has passed the USA Freedom Act, which represents a significant down payment on broader government surveillance reform.

    We need as many people as possible speaking up to make sure that the Senate says YES to the USA Freedom Act.

  •  
    I suppose it was too much to hope that Google would do the right thing as called for by nearly all civil liberties organizations and call for sunsetting the Patriot Act. But Google's revolving door with NSA speaks and sides with NSA. Bad Google. Truly evil.   
Paul Merrell

PATRIOT Act spying programs on death watch - Seung Min Kim and Kate Tummarello - POLITICO - 0 views

  • With only days left to act and Rand Paul threatening a filibuster, Senate Republicans remain deeply divided over the future of the PATRIOT Act and have no clear path to keep key government spying authorities from expiring at the end of the month.

    Crucial parts of the PATRIOT Act, including a provision authorizing the government’s controversial bulk collection of American phone records, first revealed by Edward Snowden, are due to lapse May 31. That means Congress has barely a week to figure out a fix before before lawmakers leave town for Memorial Day recess at the end of the next week.

    Story Continued Below

    The prospects of a deal look grim: Senate Majority Leader Mitch McConnell on Thursday night proposed just a two-month extension of expiring PATRIOT Act provisions to give the two sides more time to negotiate, but even that was immediately dismissed by critics of the program.

  •  
    A must-read. The major danger is that the the Senate could pass the USA Freedom Act, which has already been passed by the House. Passage of that Act, despite its name, would be bad news for civil liberties. 

    Now is the time to let your Congress critters know that you want them to fight to the Patriot Act provisions expire on May 31, without any replacement legislation. 

    Keep in mind that Section 502 does not apply just to telephone metadata. It authorizes the FBI to gather without notice to their victims "any tangible thing", specifically including as examples "library circulation records, library patron lists, book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records containing information that would identify a person." The breadth of the section is illustrated by telephone metadata not even being mentioned in the section. 

    NSA going after your medical records souand far fetched? Former NSA technical director William Binney says they're already doing it: "Binney alludes to even more extreme intelligence practices that are not yet public knowledge, including the collection of Americans' medical data, the collection and use of client-attorney conversations, and law enforcement agencies' "direct access," without oversight, to NSA databases." https://consortiumnews.com/2015/03/05/seeing-the-stasi-through-nsa-eyes/

    So please, contact your Congress critters right now and tell them to sunset the Patriot Act NOW. This will be decided in the next few days so the sooner you contact them the better. 
Paul Merrell

USA Freedom Act Passes House, Codifying Bulk Collection For First Time, Critics Say - T... - 0 views

  •  
    Surprise, surprise. U.S. "progressive" groups are waging an all-out email lobbying effort to sunset the Patriot Act. https://www.sunsetthepatriotact.com/

    Same with civil liberties groups. e.g., https://action.aclu.org/secure/Section215

    And a coalition of libertarian organizations. http://docs.techfreedom.org/Coalition_Letter_McConnell_215Reauth_4.27.15.pdf

Paul Merrell

Republicans seek fast-track repeal of net neutrality | Ars Technica - 0 views

  • Republicans in Congress yesterday unveiled a new plan to fast track repeal of the Federal Communications Commission's net neutrality rules.

    Introduced by Rep. Doug Collins (R-Ga.) and 14 Republican co-sponsors, the "Resolution of Disapproval" would use Congress' fast track powers under the Congressional Review Act to cancel the FCC's new rules.

  • Saying the resolution "would require only a simple Senate majority to pass under special procedural rules of the Congressional Review Act," Collins' announcement called it "the quickest way to stop heavy-handed agency regulations that would slow Internet speeds, increase consumer prices and hamper infrastructure development, especially in his Northeast Georgia district."

    Republicans can use this method to bypass Democratic opposition in the Senate by requiring just a simple majority rather than 60 votes to overcome a filibuster, but "it would still face an almost certain veto from President Obama," National Journal wrote. "Other attempts to fast-track repeals of regulations in the past have largely been unsuccessful."

    This isn't the only Republican effort to overturn the FCC's net neutrality rules. Another, titled the "Internet Freedom Act," would wipe out the new net neutrality regime. Other Republican proposals would enforce some form of net neutrality rules while limiting the FCC's power to regulate broadband.

  • The FCC's rules also face lawsuits from industry consortiums that represent broadband providers. USTelecom filed suit yesterday just after the publication of the rules in the Federal Register. Today, the CTIA Wireless Association, National Cable & Telecommunications Association (NCTA), and American Cable Association (ACA) all filed lawsuits to overturn the FCC's Open Internet Order.

    The CTIA and NCTA are the most prominent trade groups representing the cable and wireless industries. The ACA, which represents smaller providers, said it supports net neutrality rules but opposes the FCC's decision to reclassify broadband as a common carrier service. However, a previous court decision ruled that the FCC could not impose the rules without reclassifying broadband.

Paul Merrell

POGO Adds its Voice to Calls for Secret Law Oversight - 0 views

  • April 21, 2015

    Dear Chairman Goodlatte, Ranking Member Conyers, Chairman Grassley, and Ranking Member Leahy:

    We urge you to end mass surveillance of Americans. Among us are civil liberties organizations from across the political spectrum that speak for millions of people, businesses, whistleblowers, and experts. The impending expiration of three USA PATRIOT Act provisions on June 1 is a golden opportunity to end mass surveillance and enact additional reforms.

    Current surveillance practices are virtually limitless. They are unnecessary, counterproductive, and costly. They undermine our economy and the public’s trust in government. And they undercut the proper functioning of government.

    Meaningful surveillance reform entails congressional repeal of laws and protocols the Executive secretly interprets to permit current mass surveillance practices. Additionally, it requires Congress to appreciably increase transparency, oversight, and accountability of intelligence agencies, especially those that have acted unconstitutionally.

  • A majority of the House of Representatives already has voted against mass surveillance. The Massie-Lofgren amendment to the National Defense Authorization Act [i] garnered 293 votes in support of defunding “backdoor searches.” Unfortunately, that amendment was not included in the “CRomnibus"[ii] despite overwhelming support.  We urge you to act once again to vindicate our fundamental liberties.
  •  
    Finally! A proposal for mass-surveillance reform that goes far beyond prior overly-modest proposals backed by ACLU, Electronic Frontier Foundation, etc., that were based on negotiation with members of Congress. This proposal is backed by a wide range of other organizations. A must-read.
Paul Merrell

Join The Internet Vote - 0 views

  • Congress is about to introduce a bill to fast track a secret deal that could lead to global censorship. It’s called the Trans-Pacific Partnership (TPP). We think Internet users everywhere should have a say in decisions that affect the Internet — but if “Fast Track” legislation passes, there is no chance that the public will see the text before the deal is approved. Join the Internet Vote on April 23rd and let’s make it clear to DC how we’re voting: against Fast Track and against Internet censorship. (Learn More)
  •  
    Sign up (email address) for updates on a monumental lobbying effort coming up in the next few days when Congress comes back into session and the legislation to "Fast Track" the TPP *and all future trade agrerements* is introduced. From leaked draft portions, we know that the TPP brings us internet censorship and a mass of copyright law changes that have the giant intellectual property corproate folk drooling at the mouth, because they helped write it while the public was excluded.

    This is your chance to help end secret trade agreements that the public doesn't even get to see until they have already been made into law.
Paul Merrell

Tech firms and privacy groups press for curbs on NSA surveillance powers - The Washingt... - 0 views

  • The nation’s top technology firms and a coalition of privacy groups are urging Congress to place curbs on government surveillance in the face of a fast-approaching deadline for legislative action.

    A set of key Patriot Act surveillance authorities expire June 1, but the effective date is May 21 — the last day before Congress breaks for a Memorial Day recess.

    In a letter to be sent Wednesday to the Obama administration and senior lawmakers, the coalition vowed to oppose any legislation that, among other things, does not ban the “bulk collection” of Americans’ phone records and other data.

  • We know that there are some in Congress who think that they can get away with reauthorizing the expiring provisions of the Patriot Act without any reforms at all,” said Kevin Bankston, policy director of New America Foundation’s Open Technology Institute, a privacy group that organized the effort. “This letter draws a line in the sand that makes clear that the privacy community and the Internet industry do not intend to let that happen without a fight.”

    At issue is the bulk collection of Americans’ data by intelligence agencies such as the National Security Agency. The NSA’s daily gathering of millions of records logging phone call times, lengths and other “metadata” stirred controversy when it was revealed in June 2013 by former NSA contractor Edward Snowden.

    The records are placed in a database that can, with a judge’s permission, be searched for links to foreign terrorists.They do not include the content of conversations.

  • That program, placed under federal surveillance court oversight in 2006, was authorized by the court in secret under Section 215 of the Patriot Act — one of the expiring provisions.

    The public outcry that ensued after the program was disclosed forced President Obama in January 2014 to call for an end to the NSA’s storage of the data. He also appealed to Congress to find a way to preserve the agency’s access to the data for counterterrorism information.

  • ...3 more annotations...
  • Despite growing opposition in some quarters to ending the NSA’s program, a “clean” authorization — one that would enable its continuation without any changes — is unlikely, lawmakers from both parties say.

    Sen. Ron Wyden (D-Ore.), a leading opponent of the NSA’s program in its current format, said he would be “surprised if there are 60 votes” in the Senate for that.

    In the House, where there is bipartisan support for reining in surveillance, it’s a longer shot still. “It’s a toxic vote back in your district to reauthorize the Patriot Act, if you don’t get some reforms” with it, said Rep. Thomas Massie (R-Ky.).

    The House last fall passed the USA Freedom Act, which would have ended the NSA program, but the Senate failed to advance its own version.The House and Senate judiciary committees are working to come up with new bipartisan legislation to be introduced soon.

  • The tech firms and privacy groups’ demands are a baseline, they say. Besides ending bulk collection, they want companies to have the right to be more transparent in reporting on national security requests and greater declassification of opinions by the Foreign Intelligence Surveillance Court.
  • Some legal experts have pointed to a little-noticed clause in the Patriot Act that would appear to allow bulk collection to continue even if the authority is not renewed. Administration officials have conceded privately that a legal case probably could be made for that, but politically it would be a tough sell.

    On Tuesday, a White House spokesman indicated the administration would not seek to exploit that clause. “If Section 215 sunsets, we will not continue the bulk telephony metadata program,” National Security Council spokesman Edward Price said in a statement first reported by Reuters.

    Price added that allowing Section 215 to expire would result in the loss of a “critical national security tool” used in investigations that do not involve the bulk collection of data. “That is why we have underscored the imperative of Congressional action in the coming weeks, and we welcome the opportunity to work with lawmakers on such legislation,” he said.

  •  
    I omitted some stuff about opposition to sunsetting the provisions. They  seem to forget, as does Obama, that the proponents of the FISA Court's expansive reading of section 215 have not yet come up with a single instance where 215-derived data caught a single terrorist or prevented a single act of terrorism. Which means that if that data is of some use, it ain't in fighting terrorism, the purpose of the section. 

    Patriot Act § 215 is codified as 50 USCS § 1861, https://www.law.cornell.edu/uscode/text/50/1861

    That section authorizes the FBI to obtain an iorder from the FISA Court "requiring the production of *any tangible things* (including books, records, papers, documents, and other items)." 
    Specific examples (a non-exclusive list) include: the production of library circulation records, library patron lists, book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records containing information that would identify a person." The Court can order that the recipient of the order tell no one of its receipt of the order or its response to it.  

    In other words, this is about way more than your telephone metadata. Do you trust the NSA with your medical records? 
1 - 20 of 34 Next ›
Showing 20 items per page