Congressional Scorecard on Mass Surveillance: StandAgainstSpying.org Launches to Encourage NSA Reform
San Francisco, CA - A coalition of 22 organizations from across the political spectrum today launched StandAgainstSpying.org, an interactive website that grades members of Congress on what they have done, or often not done, to rein in the NSA.
Led by the Electronic Frontier Foundation (EFF), the Sunlight Foundation and Greenpeace, the coalition aims to inspire constituents to hold their elected officials accountable on mass surveillance reform, as well as give lawmakers the opportunity to improve their positions. Using a report card-style format, the grading criteria included whether the legislator was a sponsor of the USA FREEDOM Act or, in the case of the House of Representatives, voted for the "Amash Amendment" to defund NSA mass surveillance. Legislators had multiple avenues for receiving high marks.
Of the 100 senators and 433 representatives included, 241 members (45 percent) received "A" grades. However, 188 members (35 percent) flunked the scorecard, while another 77 members (14 percent) received question marks for taking no measurable action.
Website visitors can enter their zip codes to look up their congressional members' scores. They then are encouraged to tweet directly at their members of Congress, thanking them for defending privacy or asking them to do more in the fight against mass spying. Additionally, all visitors can sign an open letter to President Barack Obama urging him to end the mass surveillance programs immediately, without waiting for Congress to act.
"We must hold members of Congress accountable by making clear to the public who in Congress is standing up for surveillance reform, who is acting as a roadblock, and who is failing to take a stand," EFF Activism Director Rainey Reitman said. "More Americans than ever now think the NSA has gone too far. The American people—and frankly people all over the world—can't wait any longer for Congress to rein in the NSA."
EFF built StandAgainstSpying.org after analyzing the key NSA reform bills in Congress and weighting the prominent proposals on the degree to which they would end mass data collection. Sunlight Foundation technologists populated the site with data from its repository of Congressional actions.
"Just as the Internet has become an avenue for surveillance, it is also a mechanism for the public to hold the government accountable for its unchecked secrecy," said John Wonderlich, policy director at the nonpartisan Sunlight Foundation. "People care about secrecy and state power and are willing to stand up and demand reform."
More than 18 groups and companies with diverse interests joined Greenpeace, EFF, Tenth Amendment Center (TAC) and Sunlight Foundation as partners in launching StandAgainstSpying.org, including Association of Alternative Newsmedia, Bill of Rights Defense Committee, Council on American-Islamic Relations, Demand Progress, Fight for the Future, FreedomWorks, Free Press Action Fund, Freedom of the Press Foundation, Libertarian Party, Liberty Coalition, Open Media, PEN America, reddit, Restore the Fourth, Taskforce.is, TechFreedom and ThoughtWorks.
The launch of the scorecard also coincided with a joint campaign by Greenpeace, EFF and TAC to fly an airship over the NSA data center in Bluffdale, UT, which carried a sign that read "NSA Illegal Spying Below" with a link to StandAgainstSpying.org.
For information and photos of the airship's flight over the data center earlier today will be available shortly.Contacts:
Electronic Frontier Foundation
Greenpeace Electronic Frontier Foundation
Share this: || Join EFF
PRISM, Local Edition: NY DA Employs 381 Secret Orders to Gather Complete Digital Dossiers from Facebook
Unfortunately, it appears that the lure of bulk surveillance is not just a temptation for the federal government. Last summer, about a month after new leaks exposed the NSA’s bulk content PRISM program, Cyrus Vance, Jr., the District Attorney for Manhattan, decided to go secretly fishing through 381 Facebook accounts, and wanted to ensure no one was allowed to stop him.
The DA was looking for evidence of disability fraud, and saw Facebook as a treasure trove. Many people put their lives online, sharing their daily ups and downs with a steady stream of photos, comments, and wall posts to friends and family. Perhaps some of them, after claiming a disability, would post a windsurfing selfie or write about their marathon training, and evidence their fraud.
So the DA put together nearly 400 search warrants, which ordered Facebook to provide near total access to the accounts, and gagged the social media giant from informing the users. Facebook reports that this "unprecedented request is by far the largest we’ve ever received—by a magnitude of more than ten." According to Facebook's appeals brief, the targets included a cross-section of America “from high schoolers to grandparents, … electricians, school teachers, and members of our armed services.”
Facebook's brief explains that the warrants sought “information that cannot possibly be relevant to the crimes the Government presumably continues to investigate,” including what “Group” people belong to (and who else is in that group), chat messages, private messages, friends list (including removed friends) and even past and future events. And indeed, for the vast majority of the target, the information was not relevant to any crime. Only 62 people were ultimately charged.
Sometimes “come back with a warrant” is not enough. The warrant must also conform to constitutional limitations, narrowly seeking evidence of a crime with particularity, based on probable cause. It is not a license for the government to rifle through the private lives of anyone it suspects. As the Supreme Court recognized just yesterday, the Fourth Amendment was the founding generation’s response to the reviled “general warrants” and “writs of assistance” of the colonial era, which allowed British officers to rummage through homes in an unrestrained search for evidence of criminal activity.
Facebook rightly challenged this overboard pile of warrants. Indeed, it was the only entity who could. The gag order prevented Facebook from giving notice, so none of the users was in a position to assert their constitutional rights, or even know those rights were in danger.
Nevertheless, the DA disputed Facebook’s right to challenge the warrant in court, and the New York state trial court agreed, holding that “it is the Facebook subscribers who could assert an expectation of privacy in their posting, not the digital storage facility, or Facebook.” The court reasoned that this wouldn’t be a problem, because a criminal defendant could move to suppress the evidence before trial.
But what about the users who are never charged? The court never grapples with that issue, perhaps not realizing that ultimately 80% would not be the fraudsters the DA was looking for. Instead, the opinion moves on to justify the non-disclosure provisions by raising the spectre of evidence tampering by the users.
Under this pair of holdings, no one is allowed to challenge the authority of the DA in court. Facebook is not allowed and the users don’t know. (Ironically, in an earlier case involving Twitter, the court had found that the user had no rights to challenge the NY DA's data demand on Twitter). To paraphrase yesterday’s landmark Supreme Court ruling, the Founders did not fight a revolution to gain Fourth Amendment rights that no one can assert.
Facebook has appealed this dangerous precedent, seeking to "invalidate these sweeping warrants and to force the government to return the data it has seized and retained." And, nearly a year after the warrants issued, the case has been unsealed. But, despite a temporary stay, Facebook was eventually forced to comply, and the DA continues to hold a digital dossier of the lives of over 300 people never charged with a crime.
Facebook’s appeal is well grounded. The Stored Communications Act, upon which the court relied to issue the warrants, specifically allows for service providers to challenge court orders. On the merits, the overly broad warrants go beyond what the Constitution permits by failing to identify with particularity the criminal evidence to be seized, and failing to put in place procedures to protect the privacy of the people whose lives were invaded by the government.
The information cannot be undisclosed, but the New York appeals court can still help right this wrong by overturning the erroneous criminal court decision, quashing the warrants and requiring the DA to destroy the ill-gotten evidence.Files: fbnyda_trial_court_order.pdf fbopening_brief_in_re_381_search_warrants.pdfRelated Cases: New York v. Harris
Share this: || Join EFF
It’s no secret that EFF is strongly opposed to the United States’ piecemeal approach to updating sanction provisions for the five U.S.-embargoed countries of Sudan, Syria, Cuba, North Korea, and Iran. We’ve noted that the fundamental problem with the United States’ reform method is that it’s “largely reactionary and ultimately prioritizes certain countries over others for reasons that are, to put it charitably, hard to discern.” For example, according to an article published by the Open Technology Institute, the Office of Foreign Assets Control (OFAC) issued Iran a new General License D-1—which replaces the old General License D—making it acceptable for U.S. companies to offer technology tools to Iran such as laptops and anti-virus software. Similar allowances have been made for Syria. Despite years of advocacy, Syrians did not enjoy greater access to technology until after civil war broke out in the country. Recognizing the need for communications technologies, the Department of Treasury issued a general license (§ 542.511) allowing for the access of “instant messaging, chat and email, social networking, sharing of photos and movies, web browsing, and blogging ... provided that such services are publicly available at no cost to the user.”
Sudanese citizens have not enjoyed the same provisions. In fact, U.S. sanctions in Sudan actually “inadvertently aid the regime by blocking access to critical personal communications tools.” The simplest explanation for why sanction reforms have not yet occurred in Sudan seem to be a simple lack of political attention. In Iran, a greater capacity and market demand for technology led to a reconsideration of sanctions, while in Syria, the civil war triggered an advocacy effort to ensure access on the ground to key communications technologies. Unfortunately in Sudan—where 21 percent of the country’s 37 million citizens are online—people remain cut off from many important technologies, from medical resource sites to massive open online courses (MOOCs) and the Google Play store.
As we’ve written before, sanctions are only part of the problem. Since OFAC restrictions limit access to goods, technologies, and services from the U.S. or by a U.S.-person, corporate lawyers are often overly cautious, resulting in overbroad restrictions on access. For example, in 2009 Linkedin, in an effort to protect itself from liability, made the decision to delete the accounts of users in Syria, a decision that also affected usability in Iran, North Korea, Cuba, and Sudan. It wasn’t until after the company was called out for being overly cautious that they reinstated service to Syrian users, admitting overcompliance with export controls restrictions. SourceForge took similar action in 2010, and Apple and Airbnb have both been called out for restrictions placed on Iranians.
Demand for many of the banned technologies and websites are high. Dalia Haj Omar, a Sudanese activist and blogger, told us via e-mail that MOOCs and other online educational programs are “in great demand, especially from a younger population that is turning to online education,” in part because of a 1989 decision by the government to Arabize school curricula. “Many youth realize they can't compete regionally or nationally if they don't have better education,” says Haj Omar. “Some universities are also turning to MOOCs to supplement their curriculums, since access to hard copy books is hard and expensive.”
Sudanese activists are calling for a general license similar to those issued for Iran and Syria. Such a measure would provide residents of the country with much-desired access to sites like Mathworks.com, which provides engineers and scientists with software to discover, research, and innovate; anti-virus software updates from companies like Norton and AVG; and developer sites like SourceForge.
In the meantime, companies can help ease the pain of deprivation by applying for individual licenses. A company that wishes to export to Sudan can file an online application with OFAC for a license. Alternatively, companies may also request “interpretative guidance” as to whether or not they require a license.
Is your company looking to apply for a license? EFF wants to help!
We challenge those companies who are concerned about these restrictions to take the simple steps necessary to apply for a license. In fact, this is so important to us that EFF is willing to help companies that want to take these steps but don’t have the resources to do so. Please contact EFF's Legal Director, Cindy@eff.org, if you'd like our help.
In limiting access to these sites, the Department of Treasury is unjustly preventing Sudanese from accessing information and technologies that are necessary for the advancement, innovation, and democracy of the country. And the fact that users in other U.S.-sanctioned countries sometimes have access to these technologies, while Sudan is left on the sidelines to watch, is just a slap in the face.Related Issues: Free SpeechExport ControlsInnovationInternational
Share this: || Join EFF
The murky copyright situation surrounding phone unlocking could get a little bit clearer, thanks to the new and somewhat improved Unlocking Consumer Choice and Wireless Competition Act, a bipartisan bill in the Senate.
As a refresher: the notion that phone unlocking might violate copyright law comes from an ill-conceived section of the Digital Millennium Copyright Act (DMCA) that prevents the circumvention of technical measures around copyrighted works. If such measures are understood to include restrictions on phone software, then unlocking may violate the DMCA—an outcome Congress never intended.
It's not clear that such an argument would stand up legally, but for years the legal cloud was lifted thanks to a specific exemption to the anti-circumvention rules, granted by the Librarian of Congress in a triennial rulemaking procedure. But in the latest round, the Librarian ended that exemption, restoring a dangerous climate of legal uncertainty. Consumers, understandably, were outraged. A popular petition gathered over 100,000 signatures, drawing responses from the White House, the FCC, and legislators on both sides of the aisle, ultimately bringing us to this week's bipartisan language.
The bill, introduced by Senators Patrick Leahy and Chuck Grassley, offers a narrowly targeted fix to this specific issue, reversing the Librarian of Congress' denial and effectively putting the exemption back on the books until the next rulemaking concludes—about another year.
The bill also makes clear that the exemption does not require phone owners to perform the unlock themselves, and can direct others to unlock their devices without running afoul of the law. Moreover, it instructs the Librarian to consider extending the exemption to include other locked devices, such as tablets. Finally, unlike the House bill, it excludes the dangerous language targeting bulk unlocking, which we feared sent a message that Congress implicitly approves using copyright law to target a business model.
This is a good step in the right direction, but we have a ways to go. The fact is that phone or tablet unlocking, per se, isn't the real issue. The real issue is that an overbroad section of copyright law is sticking its nose in places where copyright simply does not belong. To the extent phone unlocking is affected, that's certainly a problem for users—but it's far from the only area the anti-circumvention rules in the DMCA have bitten the public. Any legislative solution that limits itself to phone unlocking is treating one symptom, and not the underlying disease.
All in all, this proposal is a fine fix for the specific problem of phone unlocking. It looks likely to pass, which is undeniably a good thing for phone owners.
But as we've told Congress before, users deserve better, too. They deserve a more holistic approach to the DMCA's anti-circumvention rules, and the unnecessarily burdensome process of repeatedly arguing for exemptions. It's not impossible to develop such an approach, either; Representative Zoe Lofgren's Unlocking Technology Act, introduced last year, would be a great start.
It may be more difficult politically to achieve a real solution than a fast and narrow fix, but as the damage from anti-circumvention measures continues to mount, it's clear that it is absolutely worth the effort.Related Issues: Fair Use and Intellectual Property: Defending the BalanceDMCADMCA RulemakingInnovationDRM
Share this: || Join EFF