Slashdot Mirror

The EFF is only today able to release details of an attempt by the government to alter the historical record in the case brought by the EFF against the NSA in Jewel v. NSA. "On June 6, the court held a long hearing in Jewel in a crowded, open courtroom, widely covered by the press. We were even on the local TV news on two stations. At the end, the Judge ordered both sides to request a transcript since he ordered us to do additional briefing. But when it was over, the government secretly, and surprisingly sought permission to "remove" classified information from the transcript, and even indicated that it wanted to do so secretly, so the public could never even know that they had done so." As you'd expect of the EFF, they fought back with vigorous objections, and in the end the government did not get its way, instead deciding that it hadn't given away any classified information after all. "The transcript of a court proceeding is the historical record of that event, what will exist and inform the public long after the persons involved are gone. The government's attempt to change this history was unprecedented. We could find no example of where a court had granted such a remedy or even where such a request had been made. This was another example of the government's attempt to shroud in secrecy both its own actions, as well as the challenges to those actions. We are pleased that the record of this attempt is now public. But should the situation recur, we will fight it as hard as we did this time."

klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.

klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.

klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.

AHuxley (892839) writes The Sydney Morning Herald is reporting that Australian federal and state police are using a no warrant cell phone tower metadata access technique called a "tower dump". A "tower dump" provides the identity, activity and location of all cell phones that connect a cellphone tower(s) over time (an hour or two). The metadata from thousands of phones and numbers connected are then sorted. Australian law-enforcement agencies made 330,000 requests for metadata in 2012-13. AHuxley links to some U.S. views on the same kind of massive data grab: The Wall Street Journal says they caputure innocent users' data; the Chicago Police Department is being sued for information on its purchases of equipment associated with this kind of slurping; and the EFF asks whether warrant protection for users' data will be extended by voice-comm companies as it has been for ISPs. I wonder what people would think of an occasional "postal zone dump" employing the same kind of dragnet but for communications on paper.

Bismillah writes: The Preferred Network Offload feature in Android extends battery life, but it also leaks location data, according to the Electronic Frontier Foundation. What's more, the same flaw is found in Apple OS X and Windows 7. "This location history comes in the form of the names of wireless networks your phone has previously connected to. These frequently identify places you've been, including homes ('Tom’s Wi-Fi'), workplaces ('Company XYZ office net'), churches and political offices ('County Party HQ'), small businesses ('Toulouse Lautrec's house of ill-repute'), and travel destinations ('Tehran Airport wifi'). This data is arguably more dangerous than that leaked in previous location data scandals because it clearly denotes in human language places that you've spent enough time to use the Wi-Fi."

cartechboy writes What if you got into your car and you had to authenticate that it was you behind the wheel? That might be what's coming in the near future as Ford's working with Intel to bring facial recognition to the car. The idea would be to improve safety and in-car tech with this system which is being called Project Mobil. When someone enters a Project Mobil-equipped car the system uses front-facing cameras to authenticate the driver. If the driver can't be authenticated it'll send a photo to the vehicle owner's phone asking for permission for this person to drive the vehicle. Once identified, the car can then automatically adjust certain settings to the driver's preference. This could also theoretically allow parents to control how loud their kids listen to the music while driving, how fast they can drive, and even simply monitor them driving. Obviously this NSA-like surveillance tech is a bit creepy on some levels, but there could be a lot of terrific applications for it. While only an experiment, don't be surprised if your dashboard stares back at you eventually.

The Guardian reports that Alaa Abd El Fattah, "one of the activists most associated with the 2011 uprising that briefly ended 60 years of autocratic rule, was sentenced to 15 years in jail for allegedly organising a protest – an act banned under a law implemented last November, and used to jail several revolutionary leaders. ... Abd El Fattah was also jailed under Mubarak, the military junta that succeeded him, and Adly Mansour, the interim president installed after the overthrow of Mohamed Morsi last summer. Under Morsi, Abd El Fattah escaped prison, but was placed under investigation." The EFF points ou that Abd El Fattah "is one of many caught up in the Egyptian government’s attempt to assert powers. Alaa set an example for how the Internet could be used to organize and exercise free speech: Egypt's leaders should not be permitted to make an example of him to silence others." Update: 06/12 20:02 GMT by T : Reader Mostafa Hussein points out that Abd El Fattah took part in a Slashdot interview more than 10 years ago, too; it gives some insight into the tech scene (and a bit of the politics) of Egypt at that time.

Today, as the EFF notes, marks one year from Edward Snowden's first document leaks, and the group is using that as a good spur to install free software intended to make it harder for anyone (the NSA is certainly not the first, and arguably far from the worst) to spy on your electronic communications. Nowadays, that means nearly everything besides face-to-face communication, or paper shipped through the world's postal systems. Reader gnujoshua (540710) highlights one of the options: 'The FSF has published a (rather beautiful) infographic and guide to encrypting your email using GnuPG. In their blog post announcing the guide they write: "One year ago today, an NSA contractor named Edward Snowden went public with his history-changing revelations about the NSA's massive system of indiscriminate surveillance. Today the FSF is releasing Email Self-Defense, a guide to personal email encryption to help everyone, including beginners, make the NSA's job a little harder.'" Serendipitous timing: a year and a day ago, we mentioned a UN report that made explicit the seemingly obvious truth that undue government surveillance, besides being an affront in itself, chills free speech. (Edward Snowden agrees.)

An anonymous reader writes "Netflix yesterday furthered its plans to ditch Silverlight for HTML5 on Macs, having already done so last year in IE11 on Windows 8.1. HTML5 video is now supported by Netflix in Safari on OS X Yosemite, meaning you can stream your favorite movies and TV shows without having to install any plugins." Courtesy of encrypted media extensions.

samzenpus (5) writes "Recently you had a chance to ask Jennifer Granick, the Director of Civil Liberties for the Center for Internet and Society at Stanford Law School, about surveillance, data protection, copyright, and number of other internet privacy issues. Below you'll find her answers to those questions." What can be done to fix the DMCA?
by Anonymous Coward

As pretty much anyone who has ever used YouTube (or any similar service) knows, the DMCA has a lot of issues. For one, there's the fact that individuals or companies who file false DMCA claims, which are supposedly punishable under the law, are never punished. Another would be the unfair application of the DMCA - partners and other monetized channels on YouTube will (almost) never have their videos taken down from a single DMCA claim, even if a video made under the same circumstances and containing similar content would be taken down on a non-partner channel if a DMCA notice was ever filed. Is the EFF planning to do anything lobbying-wise to fix the DMCA? If so, what in your opinion would be the way to go about fixing it?

Granick: I don’t work for EFF anymore, so I can’t speak for their plans or thoughts.

The DMCA has two main parts, the notice and take down provisions, and the anti-circumvention provisions. By and large I think the notice and take down provisions are livable. the burden for specifically identifying infringing content is and should remain on rights holders. In making those identifications, there is the problem of unpunished abuse, and even just plain mistakes. Sometimes, legitimate content is improperly taken down and not restored. But overall, that system is allowing non-infringing content to flourish, and even enabling alternative business models for licensing and monetizing.

The anti-circumvention provisions, also called section 1201, are fundamentally broken. They interfere with people’s freedom to explore and modify software and devices that they themselves own. I support currently stalled efforts to reform section 1201 by protecting cell phone unlocking. If want to just address phone unlocking, there’s a right and a wrong way to do it. https://cyberlaw.stanford.edu/blog/2013/03/heres-how-legalize-phone-unlocking Still, these efforts fall short. Section 1201 could be and should be modified to regulate tools designed for infringement and leave mere access and tools that enable access alone.



Role of DMCA and free markets
by JohnnyComeLately

Do you see free market innovation thriving with DMCA despite the apparent lack of innovation? Articulation of my question: When I buy a car, I can modify it. If people like my modification they can view it at my leisure and tinker themselves. GM doesn't sue me, and if I open a business to work on other GM cars to do similar GM vehicle modifications, then I have little legal exposure. However, with DMCA, GM can shut down a video if it's "suspected" I've infringed on a digital asset, and I can't legally sell modifications of their digital asset. This is why we see every new technology for digital streaming of data run a gauntlet of legal hurdles, which in turn stifles new innovation in the area of digital property.

Granick: The anti-circumvention provisions of the DMCA haven’t totally killed innovation even as they hamper it in a number of ways. The EFF has been documenting those ways.



Re:European "right to be forgotten"
by AmiMoJo

Could you explain the "right to be forgotten" concisely and effectively so that people don't assume it grants "freedom not to be talked about"? Every story on Slashdot and every other news site with comments gets hundreds of angry responses from people who have completely the wrong idea about it.

Granick: The new case from the European Court of Justice says that people can compel search engines to remove certain reputation-harming search results that are generated by searching on the individual’s name. The ruling does not establish a “freedom not to be talked about” generally. But it is too broad. It interferes with the sanctity of search, which should be about getting people the most relevant results. Instead, it allows individuals to try to hide information about themselves, even if true. And the standard to be applied is horribly vague — search results are to be excluded if they are “inadequate, irrelevant or no longer relevant”. Companies will likely err on the side of caution and remove links upon request, regardless of the public interest in the information.



ECJ Google Spain v AEPD: privacy vs expression?
by xavdeman

You must deal with the clash between freedom of information (and expression), like in the Schwartz-case, and the right to privacy (and to be forgotten, even by agencies such as the NSA), every day.

What is your opinion on the Court of Justice of the European Union's Grand Chamber judgement in C-131/12 (Google Spain v AEPD and Mario Costeja Gonzalez)? The court ruled that the fundamental rights to privacy and data protection should, ‘as a rule’ override ‘not only the economic interest of the operator but also the interest of the general public in finding that information’. However, in certain circumstances, there may be a preponderant interest of the general public (for instance, if the individual concerned was a public figure) [97].[...], this is an assessment which must be made by the national court [98]. One commentator (Guy Vassall-Adams) noted that: "It appears that the court never asked itself if these large corporations can be relied on to protect the public interest in freedom of expression, taking a principled stance in response to unmeritorious complaints, as opposed to simply following the easy (and cheap) course of erasing information on request. Across the Atlantic and around the world other countries will look on us with bemusement as they read information which we are denied. This judgment is profoundly harmful to the operation of the internet and a betrayal of Europe’s great legacy in protecting freedom of expression."

Do you think the Court struck a good balance between the rights to privacy and freedom of expression? Can we expect a similar ruling by the US Supreme Court?...

Granick: For the reasons above, I think the ruling is a big mistake. I don’t believe this rule would be possible in the United States, as it almost certainly violates the First Amendment.

...What is your opinion on the Streisand effect of such cases (everybody knows that Mario Costeja Gonzalez was at one time involved in bankruptcy proceedings, because this is in ECJ case).

Granick: This individual will go down in history for both bankruptcy proceedings and for engendering one of the more confounding privacy rulings of the decade.



How to fight harder and win
by globaljustin

Ms. Granick, thanks so much for taking the time, your expertise on this issue is very valuable! I was an intern on Capitol Hill and was able to sneak into the Senate Judiciary Committee hearing on updates to the DCMA where Metallica and Shaun Fanning testified. My question: On issues of digital technology and freedom how can we, the people of the US, fight harder & win?

What represents a "win" against the RIAA/MPAA or a "win" for net neutrality? If all we need is Congress to pass Common Carriage why is it so difficult to get done? Ever since I attend that Senate Judiciary hearing, and I learned the issues, I realized it's always the same groups opposing digital freedom. What do we have to do to fix these issues forever so we can move on to better problems?

Granick: I’ve become even more disillusioned with Congress than I already was. I think money in politics is a huge problem. Its polarizing the politicians such that they do not do what the public wants even when there is a general consensus. Lawmakers can’t agree so they propose laws that do nothing and please no one, and then those bills do not pass. I remain optimistic, but we need to get all the pieces of democracy healthy again—free press, level playing field, educated populace—before Congress is going to be a fruitful avenue for the public interest to win. This is why I support the Rootstrikers and Larry Lessig’s MayDayPAC.



Re:Can Privacy ever actually be Maintained?
by Noah Haders

a follow on to this that is more personal. Without a doubt EFF has been owned 20 times over by NSA, not to mention anybody who works as a director of internet civil civil liberties. Personal stuff too. emails, bank records. Email accounts of your family, friends, and friends of friends (3 hops)! And unlike most NSA snooping which seems to be captured for the glee of capturing, your stuff is probably pretty closely monitored.

Do you think about this or worry about this? does it change your online behavior, or relationships with friends and family?

Granick: This has changed my behavior. I use encryption now far more than I did, for emails, texts and for phone calls. The people I communicate with are not that tech savvy though, and so that limits my ability to encrypt all the time. I use cookie blockers now, when I didn’t before. I don’t want Facebook tracking what I read. If I had more privacy friendly options, I’d use them. People often preface things they say to me with, “If the NSA is listening, they may not understand this, but” I find that terrifying, that people are afraid to be honest with their friends, and eventually maybe with themselves, for fear of government overreaction.

But I haven’t given up and you shouldn’t either. The idea isn’t complete secrecy, but to make opportunistic mass surveillance and bulk data collection impossible, and to make investigating people expensive again. That is one way we can ensure that such investigations happen for good reason, i.e. when they are worth the trouble. A great essay on the inevitability of privacy is by @neilmrichards: Privacy is Not Dead—Its Inevitable There’s also a great essay by Eben Moglen on why privacy is not hopeless. He says Snowden distinguished “between those forms of network communication that are hopelessly corrupted and no longer usable, those that are endangered by a continuing assault on the part of an agency gone rogue, and those that, even with their vast power, all their wealth, and all their misplaced ambition, conscientiousness and effort, they still cannot break.”



Where is personal privacy going?
by Spyder

Ms Granick, I'd really appreciate your perspective of where you think the personal privacy equilibrium will be. What personal privacy protections do you believe will survive the next 20 years in the US?

Do you believe that there will be individual control of personal information that will have suffice force of law to be functional meaningful in the US? Do you believe those protections will be useful if the information is stored outside the US?

Granick: I believe the Fourth Amendment is going to evolve in constructive ways such that it will still be relevant to privacy in 20 years. I think we’re going to reform statutes to provide location privacy. There’s a lot of support for that. And I think we’re going to have a single rule for law enforcement access to communications content from public providers. Beyond that, I think we’ve got work to do.

My opinion is that the location of data is not going to be a major factor in whether our government accesses it, except to the extent that it can do more mass surveillance of unencrypted data overseas at this point in time. I think that’s going to (slowly) change for technological and political reasons.



Campaign Finance Reform
by RR

It seems that no matter which party we vote for, we get either corporate-funded stooges or patronizing paternalists, like Dianne Feinstein of California. The media are complicit in this miscarriage of justice with their anointed "serious" candidates and "wasted" votes, for various reasons probably including the high amounts of money that they receive during campaigns.

So, what do you think about Larry Lessig and his change of focus from free culture to Congressional corruption?

Granick: I admire Larry immensely for the work he’s doing now on money in politics and for his innovation and commitment to the cause. I support the MayOne PAC wholeheartedly, and hope you will too.



Reconcile wisdom vs. technological savviness
by OSULugan

Slashdot has had a lot of discussion recently with regard to the (perception of the) Supreme Court justices (apparent) lack of technological savviness due to their age. This is pervasive throughout all of our government, from federal to local and throughout all three branches. Classically, this was desirable for the wisdom that comes with age, the prevention of coercion for the independent Supreme Court and/or the perks that could come from having a representative with seniority.

How do you see evolution of our government in a future where technological advances come at an ever increasing pace?

I.e., how does our government reconcile the need for wisdom in governance with the need for an understanding of the technology in the modern world, and the application of laws against it?

Granick: There are lots of informal ways to address this. For example, Supreme Court clerks are from a different generation, and understand cell phones. There are tech trainings for judges. I’ve attended them. Overall, I think the older judges are getting the point that technology matters, and they are trying to do better. The recent Fourth Circuit opinion in Lavabit got the tech, for example. Of course, you start with awareness that there’s a problem, and solving it is another matter. But its solvable.



Re:ECJ Google Spain v AEPD: privacy vs expression?
by xavdeman

Hey Jennifer, I just thought of another question. What is your opinion on cyber bullying and litigation?

E.g. a bully posts sensitive personal data about someone, and he or she wants that data to be "forgotten" by search engines, web hosts etc. (data processors). To obtain this result, he or she would have to go to a court, and because of the fact that most court proceedings are public and published (in the EU, at least, and let's assume this is concerning an adult, because in most countries, court cases involving minors are closed), this information would be even more widely broadcast, through the public records of the courts.

Is this a legal catch 22, do you see any solutions for these kinds of victims?

Granick: Courts deal with confidential information all the time, like in trade secret cases. And I think those tools can be used to hide sensitive personal data like addresses, credit card numbers and the like during litigation. But there is a bigger problem you are touching on here which includes “revenge porn”, upskirt photos, pictures of college kids passed out from drinking too much, and the like. Our society hasn’t developed a good way of dealing with these privacy violations yet. I do not think the law should change to make Internet search engines or platforms legally responsible for policing this content. Such changes may threaten public access to embarrassing information about politicians, for example. But while we figure out how we should respond, some people are suffering. So far this is a Catch-22, and I look to markets, technology and norms to develop into the main drivers for mitigating this serious problem.

Thanks to everyone who submitted questions for me!

netbuzz writes: "The Electronic Frontier Foundation is calling it a 'crushing blow for copyright trolls.' A federal appeals court today has for the first time ruled against what critics call a shakedown scheme aimed at pornography downloaders and practiced by the likes of AF Holdings, an arm of notorious copyright troll Prenda Law. The United States Court of Appeals for the District of Columbia Circuit called the lawsuit 'a quintessential example of Prenda Law's modus operandi' in reversing a lower court ruling that would have forced a half-dozen ISPs to identify account holders associated with 1,058 IP addresses."

The U.S. House of Representatives has substantially reduced the effectiveness of the USA FREEDOM Act, a surveillance reform bill that sought to end mass collection of U.S. citizens' data. House Leadership was pressured by the Obama Administration to weaken many of the bill's provisions. The EFF and the Center for Democracy & Technology had both given their backing to the bill earlier this month, but they've now withdrawn their support. CDT Senior Counsel Harley Geiger said, "The Leadership of the House is demonstrating that it wants to end the debate about surveillance, rather than end bulk collection. As amended, the bill may not prevent collection of data on a very large scale in a manner that infringes upon the privacy of Americans with no connection to a crime or terrorism. This is quite disappointing given the consensus by the public, Congress, the President, and two independent review groups that ending bulk collection is necessary."

Robyn Greene of the Open Technology Institute added, "We are especially disappointed by the weakening of the language intended to prohibit bulk collection of innocent Americans’ records. Although we are still hopeful that the bill’s language will end the bulk collection of telephone records and prevent indiscriminate collection of other types of records, it may still allow data collection on a dangerously massive scale. Put another way, it may ban ‘bulk’ collection of all records of a particular kind, but still allow for ‘bulky’ collection impacting the privacy of millions of people. Before this bill becomes law, Congress must make clear—either through amendments to the bill, through statements in the legislative record, or both—that mass collection of innocent people’s records isn’t allowed."

The U.S. House of Representatives has substantially reduced the effectiveness of the USA FREEDOM Act, a surveillance reform bill that sought to end mass collection of U.S. citizens' data. House Leadership was pressured by the Obama Administration to weaken many of the bill's provisions. The EFF and the Center for Democracy & Technology had both given their backing to the bill earlier this month, but they've now withdrawn their support. CDT Senior Counsel Harley Geiger said, "The Leadership of the House is demonstrating that it wants to end the debate about surveillance, rather than end bulk collection. As amended, the bill may not prevent collection of data on a very large scale in a manner that infringes upon the privacy of Americans with no connection to a crime or terrorism. This is quite disappointing given the consensus by the public, Congress, the President, and two independent review groups that ending bulk collection is necessary."

Robyn Greene of the Open Technology Institute added, "We are especially disappointed by the weakening of the language intended to prohibit bulk collection of innocent Americans’ records. Although we are still hopeful that the bill’s language will end the bulk collection of telephone records and prevent indiscriminate collection of other types of records, it may still allow data collection on a dangerously massive scale. Put another way, it may ban ‘bulk’ collection of all records of a particular kind, but still allow for ‘bulky’ collection impacting the privacy of millions of people. Before this bill becomes law, Congress must make clear—either through amendments to the bill, through statements in the legislative record, or both—that mass collection of innocent people’s records isn’t allowed."

jfruh (300774) writes "The EFF has released its annual "Who Has Your Back" report, which uses publicly available records to see which web companies do the most to resist government demands for your personal data, by requiring warrants and being transparent about requests received. Social media giants Facebook and Twitter scored quite well; Snapchat was at the bottom of the list, and Amazon and AT&T didn't do much better." Here's the report itself.

First time accepted submitter sumakor (3571543) writes "The House Judiciary Committee has advanced a weakened version of the USA Freedom Act (HR3361). The amended compromise version allows collection of phone call records up to two hops away from a target, potentially including millions of customer records, and allows for collection without a judge's order in emergency cases. The amended bill also drops the requirement for a privacy advocate who can appeal the rulings of the Foreign Intelligence Surveillance Court and extends the controversial Section 215 of the Patriot Act from 2015 through 2017.

Despite these significant changes the amended bill has been endorsed by the ACLU and the EFF as a first step and the most promising path towards reigning in government surveillance. The two organizations called for further Congressional measures to tighten control of surveillance authorities including an explicit definition of the term 'selector,' a reduction in the number of hops from 2 to 1 under most circumstances and the closing the loophole that allows searches of Americans' data inadvertently collected thru Section 702.

The bill now proceeds to the House Intelligence Committee, who has advanced its competing bill, the FISA Transparency and Modernization Act (HR 4291). The committee will mark up both bills on the same day, beginning at 10am Thursday, behind closed doors."

netbuzz writes: "The worst of DRM is set to infest law school casebooks. One publisher, AspenLaw, wants students to pay $200 for a bound casebook, but at the end of class they have to give it back. Aspen is touting this arrangement as a great deal because the buyer will get an electronic version and assorted online goodies once they return the actual book. But they must return the book. Law professors and the Electronic Frontier Foundation are calling it nothing but a cynical attempt to undermine used book sales, as well as the first sale doctrine that protects used bookstores and libraries."

An anonymous reader writes "EFF is launching a new extension for Firefox and Chrome called Privacy Badger. Privacy Badger automatically detects and blocks spying ads around the Web, and the invisible trackers that feed information to them. You can try it out today."

An anonymous reader writes "EFF is launching a new extension for Firefox and Chrome called Privacy Badger. Privacy Badger automatically detects and blocks spying ads around the Web, and the invisible trackers that feed information to them. You can try it out today."

An anonymous reader writes "EFF is launching a new extension for Firefox and Chrome called Privacy Badger. Privacy Badger automatically detects and blocks spying ads around the Web, and the invisible trackers that feed information to them. You can try it out today."

Go to Stop the Secrecy.net and you'll see that this is something that requires action now, not someday, It's about the TPP, or Trans Pacific Partnership, a trade agreement that could place major restrictions on how we use the Internet. This is far from the only attack on Internet freedom we need to fight against, just one the EFF (and others) feel is one of the worst ones in play right now. Mild-mannered Steve Anderson, founder and Executive Director of OpenMedia.ca, is today's interview guest. He's Canadian, but OpenMedia.ca doesn't stop at Canada's southern border. Steve and the rest of the group want U.S. citizens to have the same Internet freedoms they want Canadians to have -- as well as people all over the world, because Internet balkanization hurts all Internet users. Including you. And worse, this is not the only problem with the TPP. Did you notice, in the TPP link above (to Wikipedia), that parts of this trade agreement are secret? So even if you want to protest against it, you might end up holding a sign that's mostly blank. This is a "Call your Congressional representatives" situation. Unless you're in Canada, in which case it's a "Call your Member of Parliament" situation. Ditto if you're in another TPP country. In any case, it's going to take a lot of calls, letters, emails, and faxes from people like us to overcome some of the heavy money that wants the TPP to go through. (Alternate video link.)

After being forced to turn over encryption keys (being held in contempt of court for several weeks after initially refusing to comply), secure mail provider Lavabit halted all operations last year. With the assistance of the EFF, an appeal was mounted. Today, the appeals court affirmed the district court decision and rejected the appeal. From Techdirt: "The ruling does a decent job explaining the history of the case, which also details some of the (many, many) procedural mistakes that Lavabit made along the way, which made it a lot less likely it would succeed here. ... The procedural oddities effectively preclude the court even bothering with the much bigger and important question of whether or not a basic pen register demand requires a company to give up its private keys. The hail mary attempt in the case was to argue that because the underlying issues are of 'immense public concern' (and they are) that the court should ignore the procedural mistakes. The court flatly rejects that notion: 'exhuming forfeited arguments when they involve matters of “public concern” would present practical difficulties. For one thing, identifying cases of a “public concern” and “non-public concern” –- divorced from any other consideration –- is a tricky task governed by no objective standards..... For another thing, if an issue is of public concern, that concern is likely more reason to avoid deciding it from a less-than-fully litigated record....'"

First time accepted submitter tor528 (896250) writes "Patent troll Personal Audio has sued top podcasters including Adam Carolla and HowStuffWorks, claiming that they own the patent for delivery of episodic content over the Internet. Adam Carolla is fighting back and has started a Fund Anything campaign to cover legal fees. From the Fund Anything campaign page: 'If Adam Carolla loses this battle, then every other Podcast will be quickly shut down. Why? Because Patent Trolls like Personal Audio would use a victory over Carolla as leverage to extort money from every other Podcast.. As you probably know, Podcasts are inherently small, owner-operated businesses that do not have the financial resources to fight off this type of an assault. Therefore, Podcasts as we know them today would cease to exist.' James Logan of Personal Audio answered Slashdotters' questions in June 2013. Links to the patent in question can be found on Personal Audio's website. The EFF filed a challenge against Personal Audio's podcasting patent in October 2013."

Daniel_Stuckey writes "Last March, weev, the notorious internet troll who seems to be equally celebrated and reviled, was convicted of accessing a computer without authorization and identity fraud, and sentenced to serve 41 months in prison.'He had to decrypt and decode, and do all of these things I don't even understand,' Assistant US Attorney Glenn Moramarco argued. Here, on a Wednesday morning in Philadelphia, before a packed courtroom, the federal prosecution argued that a hacker should spend three and a half years in prison for committing a crime it couldn't fully comprehend. Previously, Orin Kerr, a law professor at George Washington University and weev's defense attorney, had argued first and foremost that there was no criminal hacking to speak of. According to Kerr, what weev and Daniel Spitler (who pleaded guilty to avoid jail time) had done while working as an outfit called Goatse Security was entirely legal, even though it embarrassed public officials and some of the country's biggest corporations."

An anonymous reader writes in with news about Russias censorship of internet sites critical of President Vladimir Putin. "Russia blocked access to the internet sites of prominent Kremlin foes Alexei Navalny and Garry Kasparov on Thursday under a new law critics say is designed to silence dissent in President Vladimir Putin's third term. The prosecutor general's office ordered Russian internet providers to block Navalny's blog, chess champion and Putin critic Kasparov's internet newspaper and two other sites, grani.ru and ej.ru, state regulator Roskomnadzor said. The move was the latest evidence of what government opponents see as a crackdown on independent media and particularly the internet, a platform for dissenting views in a nation where state channels dominate the airwaves. Ej.ru editor Alexander Ryklin called it 'monstrous' and a 'direct violation of all the principles of freedom of speech,' More at EFF, and in earlier stories at the The Huffington Post, and Deutsche Welle, which notes, 'This year's report by Reporters Without Borders on World Day against Cyber Censorship condemns Russia as one of the "Enemies of the Internet." "Russia has adopted dangerous legislation governing the flow of news and information and freedom of expression online," it concludes.'"

In a followup to our story yesterday, Bismillah writes "It seems US prosecutors agree that just publishing a link doesn't amount to transmitting actual files. Brown is not out of the legal woods yet though, and still faces further charges. The EFF released this statement about the decision: 'We are relieved that federal prosecutors have decided to drop these charges against Barrett Brown. In prosecuting Brown, the government sought to criminalize a routine practice of journalism—linking to external sources—which is a textbook violation of free speech protected by the First Amendment. Although this motion is good news for Brown, the unnecessary and unwarranted prosecution has already done much damage; not only has it harmed Brown, the prosecution—and the threat of prosecution it raised for all journalists—has chilled speech on the Internet. We hope that this dismissal of charges indicates a change in the Department of Justice priorities. If not, we will be ready to step in and defend free speech.'"

sandbagger writes in with a story about U.S. and British government interest and involvement with journalists visiting the Wikileaks website. "The Intercept recently published an article and supporting documents indicating that the NSA and its British counterpart GCHQ surveilled and even sought to have other countries prosecute the investigative journalism website WikiLeaks. GCHQ also surveilled the millions of people who merely read the WikiLeaks website. The article clarifies the lengths that these two spy organizations go to track their targets and confirms, once again, that they do not confine themselves to spying on to those accused of terrorism. One document contains a summary of an internal discussion in which officials from two NSA offices discuss whether to categorize WikiLeaks as a "malicious foreign actor" for surveillance targeting purposes. This would be an important categorization because agents have significantly more authority to engage in surveillance of malicious foreign actors."

This site's "Your Rights Online" section, sadly, has never suffered for material. The revelations we've seen over the last year-and-change, though, of widespread spying on U.S. citizens, government spying in the E.U. on international conferences, the UK's use of malware against citizens, and the use of modern technology to oppress government protesters in the middle east and elsewhere shows how persistent it is. It's been a banner year on that front, and the banner says "You are being spied on, online and off." A broad coalition of organizations is calling today "The Day We Fight Back" against the growing culture of heads-they-win, tails-you-lose surveillance, but all involved know this is not a one-day struggle. (Read more, below.) THREE REASONS TO HATE MASS SURVEILLANCE:

1) Because the Internet is nearly everywhere, it means the spying it makes possible has spread to match its footprint. 30 years ago, "on the internet" really was novel, because the public Internet simply wasn't. There were a few big military and academic sites around the world, and the concepts that make today's internet work were already embodied in running systems, but there was little reason for individuals to care about privacy invasion, or having their systems crippled by government malware, because their systems and their privacy weren't at issue. There wasn't a World Wide Web as a portal to nearly every resource online, no "Cloud," and no Blue Coat. Now, not only can individuals get on the internet, but the meaning of that phrase has moved, fast, over the last decade: now, getting on the internet is just a fact of modern life, a banal, automated background fact of the way we stay in touch with friends, deal with bills, find entertainment, get directions, and work. Online surveillance of all the signals we emit and receive (over home internet links, over cellular networks, on landline telephones, even on postcards) might be minimized and waved away as the collection of "mere" metadata, but in reality, if you're reading these words online, and even if you're doing your best to read them anonymously, it means you've almost certainly got a collection of data about you online already.

2) Because "online surveillance" is a slippery slope, and it will only get slipperier. Remember the Clipper chip's hardware-based encryption escrow scheme? Who and how often you email, chat with online, or call on the phone is the tip of the iceberg. Robert Bork didn't like having his video watching habits spied on, and that was before Netflix and competitors made the sorting and stacking of movie-watching habits not only possible but an never-ending exercise in deep data analysis. Maybe you don't care in particular about what the NSA, FBI, or anyone else thinks of your taste in entertainment, but you might prefer them to stay out not only of the information revealed by your current online activity, but also out of whatever things are revealed by future developments. Right now, a relatively small part of the online population uses crypto-currency like Bitcoin; a decade from now, it seems likely to be even more widespread than Netflix is today. Do you want your transactions to be public record, or even public-servant record? Beyond that, the era of ubiquitous, automated surveillance doesn't need you to mail an angry letter, or declare allegiance to an unpopular cause online: Just walking around means sooner rather than later you're likely to be captured on camera.

Access to your medical records almost certainly will be online, too, even more than it already is. Online and offline lives will only get blurrier: Your GPS (and increasingly, that means your phone, too) knows where you've been, and your should-be-private Google Maps page knows where you might have considered going. (Couple that with the cavalier attitude that dominates rules about data that you carry in your phone, laptop or USB data sticks, if you cross, or even come near, the U.S. border.) Think about the meta-data (or what the government might characterize that way) that your reading and viewing habits, your prescription medicine needs, your airline tickets, and your Amazon wishlist could reveal, and whether you'd want everyone's digital dossier to be up for ad-hoc scrutiny in 10 years any more than it already is. You don't want the equivalent of the TSA viewing rooms (for your own good, of course) attached to every stream of online communication.

3) Because you're paying for it. How much you're paying is hard to say, because of black budgets, overlapping programs, and the sheer number of systems that are or could be used to make widespread surveillance the new normal, but the mystery price tag starts out high. If you're an American, or an EU citizen, at least you can be grateful that you're likely only being spied on, rather than actively harmed in other ways; in other countries, the outcome can be far grimmer. How much do you want to pay to build an infrastructure for constantly surveilling yourself, your friends, and your family? Especially one that fails so miserably at even its stated aims?

THREE WAYS TO FIGHT IT:

The good news is, while you can't stop the entire octopus, you're not required to be a full-time victim of online surveillance or the offline surveillance that it seems to normalize. Instead, you can take some simple steps that at least fog the glass a bit. Readers will no doubt suggest better technologies and practices, but here's a short list to start with:

1) Encryption, more often and in more contexts. Encrypted hard drives are now easy to buy off the shelf, or to implement with software per-user. Use encryption when it makes sense, for documents, emails, file systems, or browsing; the more you do, the more normal this becomes — if it's perfectly normal to carry data encrypted, no matter how innocuous, it's hard for merely possessing encrypted data to be vilified. TrueCrypt might not be impregnable, but neither are the opaque envelopes you might put in a physical mailbox: making it harder to spy on you even in small ways beats indifference. Good news: not every layer of security takes much effort for you to take advantage of: Mozilla's move to HTTPS Everywhere is an example, as is the option that many OSes are embracing to offer the user full-disk or per-directory encryption.

2) Avoid standing in front of the biggest targets. If you don't yet, use an operating system like Linux or one of the modern BSDs, at least part of the time. The SCADA vulnerabilities exploited to cripple a key part of Iran's nuclear program exploited a well-known hole in a widespread operating system, and the same can be said of many attacks blandly characterized as "Advanced Persistent Threats." Even a cheap, adjunct laptop running an up-to-date Linux or OpenBSD could make you safer for some tasks online; cheaper yet, you can run an entire Linux system from a USB drive, and yank it when you're through. That doesn't stop a mid-stream listener (which is a very hard problem), but a compartmentalized system like that means you can do your online banking or anything else and be less vulnerable to common malware. (Besides, it's fun!)

3) Tell companies, politicians (for instance, by voting for or against), and the people around you, that you object to being spied on. You can't prevent malicious individuals, governments, (or Google, or Yelp, or your Facebook friends) from looking at some of the data that you emit; you might feel perfectly satisfied with lots of the transactions you take part in freely. But you can minimize the worst consequences by being mindful of what you do or don't mind putting out there, and spreading the word when you find abuses of trust that compromise your privacy.

Online spying didn't pop into existence with Edward Snowden's revelations about mass data gathering by the NSA on U.S. citizens. For Americans, having our communications tapped by government agents (even if by a government that has remained far more benign than have many others) extends as long as the history of the country; likewise for Europeans and others all over the world. It's much easier, now, though, for those agents to put an ear to your wall or an eye on your correspondence than it's ever been before. For those in many countries, taking practical steps to reduce your exposure is a sensible move for more than just aesthetic or philosophical reasons, though, and luckily the range of options for preserving privacy and private communications have advanced right along with the growth of the technologies that threaten them.

Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."

Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."

Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."

An anonymous reader points out this recently published study (PDF) on detecting malicious (or at least suspicious) Tor exit relays. From their conclusions: "After developing a scanner, we closely monitored all ~1000 exit relays over a period of four months. Wed discovered 25 relays which were either outright malicious or simply misconfigured. Interestingly, the majority of the attacks were coordinated instead of being isolated actions of independent individuals. Our results further suggest that the attackers made an active effort to remain under the radar and delay detection." One of the authors, Philipp Winter, wrote a followup blog post to help clarify what the paper's findings mean for Tor users, including this clarification: "First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays 'in the wild."

greatgreygreengreasy writes "In 2005, then-governor of North Dakota John Hoeven signed into law a bill 'ensuring drivers' ownership of their EDR (Electronic Data Recorder) data.' Now a U.S. senator, Hoeven (R-ND) has teamed up with Amy Klobuchar, D-MN, to introduce similar legislation at the Federal level. 'Under this legislation, EDR data could only be retrieved [for specific reasons].' The EFF has expressed concern in the past over the so-called black boxes and their privacy implications. This legislation, however, would not address the recent revelations by a Ford executive on their access to data, since in those cases, 'The vehicle owner or lessee consents to the data retrieval.' The bill has gained the support of about 20 senators so far."

An anonymous reader writes "Peter Eckersley at the EFF reports that the 'App Ops' privacy feature added to Android in 4.3 has been removed as of 4.4.2. The feature allowed users to easily manage the permission settings for installed apps. Thus, users could enjoy the features of whatever app they liked, while preventing the app from, for example, reporting location data. Eckersley writes, 'When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.1 The disappearance of App Ops is alarming news for Android users. The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through. Embarrassingly, it is also one that Apple managed to fix in iOS years ago.'"

An anonymous reader writes "Peter Eckersley at the EFF reports that the 'App Ops' privacy feature added to Android in 4.3 has been removed as of 4.4.2. The feature allowed users to easily manage the permission settings for installed apps. Thus, users could enjoy the features of whatever app they liked, while preventing the app from, for example, reporting location data. Eckersley writes, 'When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.1 The disappearance of App Ops is alarming news for Android users. The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through. Embarrassingly, it is also one that Apple managed to fix in iOS years ago.'"

New submitter chrylis writes "SCOTUSblog is reporting that the U.S. Supreme Court has accepted an appeal in Alice v. CLS Bank, a case in which the Federal Circuit ruled haphazardly that the particular patents in question were invalid but did not address the issue of software patents generally. 'The case will provide a new test of the Patent Act’s most basic provision — Section 101, which broadly outlines what kinds of inventions are patentable. One of the long-standing exceptions to the types of inventions mentioned in that section is that an abstract idea can never be patented. That issue arises frequently these days, especially with rapidly developing technology in computer software. The EFF wrote a summary of the issues in the case when it was before the Federal Circuit this spring. The case files are also available."

snydeq writes "The U.S. House of Representatives has passed the Innovation Act, dealing trolls a severe blow despite opposition from universities looking to protect patents, InfoWorld's Simon Phipps reports. The act cleared the House of Representatives with an overwhelming majority of 325 to 91 despite opposition from the organizations most likely to feed new patents to the trolls. 'So bravo to the Innovation Act. It's far from perfect, as the EFF documents and as I commented before the holiday. But it's a step in the right direction, and the tidal surge of support it's seeing suggests legislators' appetite for proper patent reform is finally growing strong enough for them to contemplate substantial change.'"

Fnord666 writes with this excerpt from Tech Crunch "Twitter has enabled Perfect Forward Secrecy across its mobile site, website and API feeds in order to protect against future cracking of the service's encryption. The PFS method ensures that, if the encryption key Twitter uses is cracked in the future, all of the past data transported through the network does not become an open book right away. 'If an adversary is currently recording all Twitter users' encrypted traffic, and they later crack or steal Twitter's private keys, they should not be able to use those keys to decrypt the recorded traffic,' says Twitter's Jacob Hoffman-Andrews. 'As the Electronic Frontier Foundation points out, this type of protection is increasingly important on today's Internet.'" Of course, they are also using Elliptic Curve ciphers.

An anonymous reader writes "With the advent of national security letters and all the NSA issues of late perhaps the web needs to implement a warrant 'warrant canary' metatag. Something like this: <meta name="canary" content="2013-11-17" />. With this it would be possible to build into browsers or browser extensions a means of alerting users when a company has in fact received such a secret warrant. (Similar to the actions taken by Apple recently.) The advantage the metatag approach would have its that it would not require the user to search out a report by the company in question but would show the information upon loading of the page. Once the canary metatag was not found or when the date of the canary grows older than a given date a warning could be raised. Several others have proposed similar approaches including Conor Friedersdorf in The Atlantic and Cory Doctorow's Dead Man's Switch." What problems do you see with this approach?

mahiskali writes with this interesting news via the EFF's Deep Links "The new Renault Zoe comes with a 'feature' that absolutely nobody wants. Instead of selling consumers a complete car that they can use, repair, and upgrade as they see fit, Renault has opted to lock purchasers into a rental contract with a battery manufacturer and enforce that contract with digital rights management (DRM) restrictions that can remotely prevent the battery from charging at all. This coming on the heels of the recent Trans-Pacific Partnership IP Rights Chapter leak certainly makes you wonder how much of that device (car?) you really own. Perhaps Merriam-Webster can simply change the definition of ownership."

sfcrazy writes "Last week Canonical sent a cease and desist letter to EFF staffer Micah F Lee asking him to remove the word Ubuntu from the URL as well as the Ubuntu logo from the site. Lee responded through an attorney who said that Canonical's 'request were not supported by trademark laws and interferes with protected speech.' Shuttleworth apologized, though it was cheeky, and while he dubbed the Mir opponents as non-technical (hello KDE, systemD, Wayland, Intel) he also went on to explain why they needed to protect their trademark. Now there is an official response from EFF. In the blog post EFF has explained that Shuttleworth is far from reality and was totally wrong about trademark."

New submitter bkerensa writes "A member of Canonical's Legal Team recently sent a email to a critic of Ubuntu's privacy settings to insist he stop using the Ubuntu name and logo, even though it falls under 'fair use.' Micah Lee is the CTO of the Freedom of the Press Foundation and maintainer of the HTTPS Everywhere project. When Ubuntu began adding commercial results in its Dash search software, Lee wrote about the privacy concerns and created a site called Fix Ubuntu to show people how to turn it off. Canonical's legal department has now sent him a letter asking him to 'remove [the] Ubuntu word from you[r] domain name and Ubuntu logo from your website.'"

theodp writes "That there's no easy way for her to get timely, affordable access to taxpayer-funded research that could help her patients leaves speech-language pathologist Cortney Grove, well, speechless. 'Cortney's frustration,' writes the EFF's Adi Kamdar, 'is not uncommon. Much of the research that guides health-related progress is funded by taxpayer dollars through government grants, and yet those who need this information most-practitioners and their patients-cannot afford to access it.' She says, 'In my field we are charged with using scientific evidence to make clinical decisions. Unfortunately, the most pertinent evidence is locked up in the world of academic publishing and I cannot access it without paying upwards of $40 an article. My current research project is not centered around one article, but rather a body of work on a given topic. Accessing all the articles I would like to read will cost me nearly a thousand dollars. So, the sad state of affairs is that I may have to wait 7-10 years for someone to read the information, integrate it with their clinical opinions (biases, agendas, and financial motivations) and publish it in a format I can buy on Amazon. By then, how will my clinical knowledge and skills have changed? How will my clients be served in the meantime? What would I do with the first-hand information that I will not be able to do with the processed, commercialized product that emerges from it in a decade?'"

Hugh Pickens DOT Com writes "Danny O'Brien writes for the EFF that as the NSA's spying has spread, more and more ordinary people want to know how they can defend themselves from surveillance online. 'The bad news is: if you're being personally targeted by a powerful intelligence agency like the NSA, it's very, very difficult to defend yourself,' writes O'Brien. 'The good news, if you can call it that, is that much of what the NSA is doing is mass surveillance on everybody. With a few small steps, you can make that kind of surveillance a lot more difficult and expensive, both against you individually, and more generally against everyone.' Here's ten steps you can take to make your own devices secure: Use end-to-end encryption; Encrypt as much communications as you can; Encrypt your hard drive; Use Strong passwords; Use Tor; Turn on two-factor (or two-step) authentication; Don't click on attachments; Keep software updated and use anti-virus software; Keep extra secret information extra secure with Truecrypt; and Teach others what you've learned. 'Ask [your friends] to sign up to Stop Watching Us and other campaigns against bulk spying. Run a Tor node; or hold a cryptoparty. They need to stop watching us; and we need to start making it much harder for them to get away with it.'"

Hugh Pickens DOT Com writes "Danny O'Brien writes for the EFF that as the NSA's spying has spread, more and more ordinary people want to know how they can defend themselves from surveillance online. 'The bad news is: if you're being personally targeted by a powerful intelligence agency like the NSA, it's very, very difficult to defend yourself,' writes O'Brien. 'The good news, if you can call it that, is that much of what the NSA is doing is mass surveillance on everybody. With a few small steps, you can make that kind of surveillance a lot more difficult and expensive, both against you individually, and more generally against everyone.' Here's ten steps you can take to make your own devices secure: Use end-to-end encryption; Encrypt as much communications as you can; Encrypt your hard drive; Use Strong passwords; Use Tor; Turn on two-factor (or two-step) authentication; Don't click on attachments; Keep software updated and use anti-virus software; Keep extra secret information extra secure with Truecrypt; and Teach others what you've learned. 'Ask [your friends] to sign up to Stop Watching Us and other campaigns against bulk spying. Run a Tor node; or hold a cryptoparty. They need to stop watching us; and we need to start making it much harder for them to get away with it.'"

First time accepted submitter jellie writes "According to Ars Technica, a new bill introduced by Rep. Bob Goodlatte (R-VA), the chairman of the House Judiciary Committee, has received bipartisan support and has a real chance of passing. In a press call, lawyers from the CCIA, EFF, and Public Knowledge had universal praise for the bill, which is called the Innovation Act of 2013. The EFF has a short summary of the good and bad parts of an earlier draft of the bill. The bill will require patent holders who are filing a suit to identify the specific products and claims which are being infringed, require the loser in a suit to pay attorney's fees and costs, and force trolls to reveal anyone who has a 'financial interest' in the case, making them possibly liable for damages."

Lirodon writes "After being called out by the Electronic Frontier Foundation for banning the loosely-defined use of "servers" on its Fiber service, Google appears to have changed its tune, and now allows 'personal, non-commercial use of servers that complies with this AUP is acceptable, including using virtual private networks (VPN) to access services in your home and using hardware or applications that include server capabilities for uses like multi-player gaming, video-conferencing, and home security.'"

An anonymous reader writes "Danny O'Brien from the EFF has a weblog post about how the Encrypted Media Extension (EME) proposal will continue to be part of HTML Work Group's bailiwick and may make it into a future HTML revision." From O'Brien's post: "A Web where you cannot cut and paste text; where your browser can't 'Save As...' an image; where the 'allowed' uses of saved files are monitored beyond the browser; where JavaScript is sealed away in opaque tombs; and maybe even where we can no longer effectively 'View Source' on some sites, is a very different Web from the one we have today. It's a Web where user agents—browsers—must navigate a nest of enforced duties every time they visit a page. It's a place where the next Tim Berners-Lee or Mozilla, if they were building a new browser from scratch, couldn't just look up the details of all the 'Web' technologies. They'd have to negotiate and sign compliance agreements with a raft of DRM providers just to be fully standards-compliant and interoperable."

cold fjord writes "The Houston Chronicle reports, 'A newly declassified opinion from the government's secret surveillance court says no company that has received an order to turn over bulk telephone records has challenged the directive. The opinion by Foreign Intelligence Surveillance Court Judge Claire Eagan, made public Tuesday, spells out her reasons for reauthorizing the phone records collection "of specified telephone service providers" for three months. ... 'Indeed, no recipient of any Section 215 order has challenged the legality of such an order, despite the explicit statutory mechanism for doing so.'" Relatedly, the UN Human Rights Council is discussing the surveillance situation.

wabrandsma writes "James Logan's patent company, Personal Audio, has closed a licensing agreement with SanDisk. The company says that now 'between a third and two thirds of all mp3 audio players' are made by companies to which its patents have been licensed, including LG, Samsung, HTC, Motorola, Blackberry and Amazon. The Electronic Frontier Foundation wants to fight Personal Audio's podcasting patent at the US Patent and Trademark Office. About 30,000 dollars, was brought in earlier this year through crowdfunding to fight the case. Logan took part in a question-and-answer session here In June."