EFF: US-UK Agreement to Allow Warrantless Access to US Internet Servers

This article is from the Electronic Frontier Foundation, which fights for your digital freedoms, about an agreement between the US and the UK which would allow the UK police access to data held by American companies without following US privacy laws or the 4th Amendment.

Congress, Remember the 4th Amendment? It’s Time to Stop the U.S.-UK Agreement.

Unless Congress stops it, foreign police will soon be able to collect and search data on the servers of U.S. Internet companies. They’ll be able to do it without a probable cause warrant, or any oversight from a U.S. judge. This is all happening because of a new law enforcement deal between the U.S. and the United Kingdom. And while it seeks to exclude purely domestic correspondence between U.S. citizens and residents, plenty of Americans’ data will get swept up when they communicate with targeted individuals located abroad.

This is all happening because, for the first time, the U.S. executive branch is flexing its power to enter into law enforcement agreements under the CLOUD Act. We’ve been strongly opposed to this law since it was introduced last year. The recently signed deal between the U.S. Department of Justice and the U.K. Home Office will allow U.K. police easy access to data held by American companies, regardless of where the data is stored. These U.K. data requests, including demands to collect real-time communications, do not need to meet the standards set by U.S. privacy laws or the 4th Amendment. Similarly, the deal will allow U.S. police to grab information held by British companies without following U.K. privacy laws.

This deal, negotiated by American and British law enforcement behind closed doors and without public input, will deal a hammer blow to the legal rights of citizens and residents of both countries. And the damage won’t stop there. The U.S.-U.K. Cloud Act Agreement may well become a model for further bilateral deals with other foreign governments and the United States. Earlier this month, Australian law enforcement agencies began negotiating their own deal to directly access private information held by U.S. Internet companies.

There’s still one possible path to put the brakes on this disastrous U.S.-UK deal: Congress can introduce a joint resolution of disapproval of the agreement within 180 days. This week, EFF has joined 19 other privacy, civil liberties, and human rights organizations to publish a joint letter explaining why Congress must take action to resist this deal.

No Prior Judicial Authorization

In the U.S., the standard for when law enforcement can collect stored communications content is clear: police need to get a warrant, based on probable cause. If police want to wiretap an active conversation, they have to satisfy an even higher standard, sometimes called a “super warrant,” that limits both the timing and use of a wiretap. Perhaps most importantly, stored communications warrants and wiretap warrants have to be signed by a U.S. judge, which adds an extra layer of review to whether privacy standards are met. At EFF, a core part of our work is insisting on the importance of a warrant in many different scenarios.

Judicial authorization is a critical step in the U.S. warrant process. When police search people’s private homes, offices, or devices, they must justify why the search for specific evidence outweighs the presumption that individuals remain free from government intrusion. Judicial authorization acts as a safeguard between citizens and law enforcement. Further, history has shown that police can and will abuse their powers for intimidation, or even personal gain. In colonial times, the British military used general warrants to search through colonists’ houses and seize property—actions that helped fuel a revolution, and formed the basis for the 4th Amendment to the U.S. Constitution.

Incredibly, the DOJ has just thrown those rights away. Instead of relying on probable cause, the new agreement uses an untested privacy standard that says that orders must be based on a “reasonable justification based on articulable and credible facts, particularity, legality, and severity.” No judge in any country has decided what this means. Continue reading “EFF: US-UK Agreement to Allow Warrantless Access to US Internet Servers”

Liberty Blitzkrieg: AG Barr Wants to Kill Privacy and Security

Michael Krieger of Liberty Blitzkrieg has written a post about US Attorney General William Barr who has come out very much against the use of encryption by anyone but the government in recent weeks. The government wants full access to everything that you do and say wherever you are doing it, no matter how personal or private. As usual, it must be done “to save the children.”

William Barr Wants to Kill Privacy and Security…’For the Children’

U.S. Attorney General William Barr, along with co-conspirators in the UK and Australia, recently wrote a letter to Mark Zuckerberg requesting he not move forward with a plan to implement end-to-end encryption across Facebook’s messaging services. A draft of the letter was published earlier this month by Buzzfeed, and it’s worth examining in some detail.

What immediately strikes you is the letter’s emphasis on “protecting the children,” a talking point universally used by authoritarians throughout history to justify both a reduction of public liberty and a transfer of increased power to the state. Though this tactic is transparent and well understood by those paying attention, it’s nevertheless disturbing to observe Barr’s disingenuous and shameless use of it (the words ‘child’ and ‘children’ appear 17 times in the course of this brief letter).

Here’s just one example from the letter:

Companies should not deliberately design their systems to preclude any form of access to content, even for preventing or investigating the most serious crimes. This puts our citizens and societies at risk by severely eroding a company’s ability to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions, preventing the prosecution of offenders and safeguarding of victims. It also impedes law enforcement’s ability to investigate these and other serious crimes. Risks to public safety from Facebook’s proposals are exacerbated in the context of a single platform that would combine inaccessible messaging services with open profiles, providing unique routes for prospective offenders to identify and groom our children.

Barr and the U.S. government feign deep concern regarding the ability of bad people to “identify and groom our children,” yet this is the same guy and government who allowed Jeffrey Epstein to be suicided in a Department of Justice prison just a few months ago. It’s the same guy and government who can’t find or doesn’t want to find Ghislaine Maxwell. And it’s same guy and government that can’t be bothered to raid Epstein’s New Mexico ranch despite known instances of child abuse there…

Click here to read the entire article at Liberty Blitzkrieg.

EFF: Big Tech’s Disingenuous Push for a Federal Privacy Law

Following the theme of the earlier article on The Meat Packing Myth is this article from the Electronic Frontier Foundation – an organization leading the fight for digital privacy and free speech — about a push by big tech companies for federal regulation of digital privacy and why this push is in the self-interest of these corporations rather than in support of your actual privacy.

Big Tech’s Disingenuous Push for a Federal Privacy Law

This week, the Internet Association launched a campaign asking the federal government to pass a new privacy law.

The Internet Association (IA) is a trade group funded by some of the largest tech companies in the world, including Google, Microsoft, Facebook, Amazon, and Uber. Many of its members keep their lights on by tracking users and monetizing their personal data. So why do they want a federal consumer privacy law?

Surprise! It’s not to protect your privacy. Rather, this campaign is a disingenuous ploy to undermine real progress on privacy being made around the country at the state level. IA member companies want to establish a national “privacy law” that undoes stronger state laws and lets them continue business as usual. Lawyers call this “preemption.” IA calls this “a unified, national standard” to avoid “a patchwork of state laws.” We call this a big step backwards for all of our privacy.

The question we should be asking is, “What are they afraid of?”

Stronger state laws

After years of privacy scandals, Americans across the political spectrum want better consumer privacy protections. So far, Congress has failed to act, but states have taken matters into their own hands. The Illinois Biometric Information Privacy Act (BIPA), passed in 2008, makes it illegal to collect biometric data from Illinois citizens without their express, informed, opt-in consent. Vermont requires data brokers to register with the state and report on their activities. And the California Consumer Privacy Act (CCPA), passed in 2018, gives users the right to access their personal data and opt out of its sale. In state legislatures across the country, consumer privacy bills are gaining momentum.

This terrifies big tech companies. Last quarter alone, the IA spent nearly $176,000 lobbying the California legislature, largely to weaken CCPA before it takes effect in January 2021. Thanks to the efforts of a coalition of privacy advocates, including EFF, it failed. The IA and its allies are losing the fight against state privacy laws. So, after years of fighting any kind of privacy legislation, they’re now looking to the federal government to save them from the states. The IA has joined Technet, a group of tech CEOs, and Business Roundtable, another industry lobbying organization, in calls for a weak national “privacy” law that will preempt stronger state laws. In other words, they want to roll back all the progress states like California have made, and prevent other states from protecting consumers in the future. We must not allow them to succeed.

A private right of action

Laws with a private right of action allow ordinary people to sue companies when they break the law. This is essential to make sure the law is properly enforced. Without a private right of action, it’s up to regulators like the Federal Trade Commission or the U.S. Department of Justice to go after misbehaving companies. Even in the best of times, regulatory bodies often don’t have the resources needed to police a multi-trillion dollar industry. And regulators can fall prey to regulatory capture. If all the power of enforcement is left in the hands of a single group, an industry can lobby the government to fill that group with its own people. Federal Communications Commission chair Ajit Pai is a former Verizon lawyer, and he’s overseen massive deregulation of the telecom industry his office is supposed to keep in check.

The strongest state privacy laws include private rights of action. Illinois BIPA allows users whose biometric data is illegally collected or handled to sue the companies responsible. And CCPA lets users sue when a company’s negligence results in a breach of personal information. The IA wants to erase these laws and reduce the penalties its member companies can face for their misconduct in legal proceedings brought by ordinary consumers…

Organic Prepper: Gov’t Still Wants to Backdoor Encryption

Daisy Luther at the Organic Prepper has written an article summarizing some of the recent press and government meetings discussing the government’s desire to be able to reverse encryption on communication devices, web pages, etc. – The Govt. Wants to OUTLAW Encrypted Messaging in iMessage, WhatsApp, Signal, Wickr, Telegram, Etc. If you’re tuned into the modern fight over privacy, they probably isn’t news to you. The government always wants more control over your data, communication and information. They say they need it to keep you safe.  Luckily there are still entities with some pull who are arguing that putting in encryption backdoors will harm the United States, but they’re fighting on the basis of economic harm. No one cares about your privacy. No one in government, anyway.

If you ever use the encrypted messaging options on programs like iMessage, WhatsApp, Signal, Wickr, Telegram, or any other service, your time to discuss things privately over the phone may be running out. The US government doesn’t like for anything to get in the way of their ability to spy on investigate even the most mundane of conversations.

Instead of seeing privacy as a right, they see it as suspicious. Your devices are already being searched at quadruple the previous rate in airports. And the attack on free speech is now going as far as our private messages to our friends and family.

Because the only reason we’d want privacy is that we’re criminals

This was the topic of a National Security meeting last week.

The encryption challenge, which the government calls “going dark,” was the focus of a National Security Council meeting Wednesday morning that included the No. 2 officials from several key agencies, according to three people familiar with the matter.

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography. (source)

So, which government agencies are hot to make encrypted messages illegal?

The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors.”

DHS is internally divided. The Cybersecurity and Infrastructure Security Agency knows the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations. (source)

It looks like the simpler answer is the few who understand there are reasonable, non-criminal uses.

There are plenty of legitimate reasons we might want to encrypt our conversations.

Of course, we know there are dozens of reasons we might want to use the encryption function on our favorite messaging apps. For example, when I was recently traveling in Europe, I needed to give my daughter credit card information to pay a bill for me. I used the encryption function on Telegram to send it because who wants that out there floating around?

Indeed, there are many legitimate reasons to use end-to-end encryption…

Click here to read the entire article at the Organic Prepper.

More Anti-Gun Crazy from New York

From RochesterFirst.com, more proof that the inmates are running the asylum – Proposed law would let State search gun owner’s social media and internet history. The privacy invasions involved in this bill are a new level of crazy. Look for more of this mental diarrhea coming to a state near you.

A new act introduced in the New York State Assembly this month would require pistol owners to submit to a “social media review.”

Anyone applying for, or renewing a pistol permit would have to give up all login information, including passwords, for any social media sites they’re a part of.

Posts from the past three years on site like Facebook, Twitter and Snapchat would be reviewed for language containing slurs, racial/gender bias, threats and terrorism.

One year of search history on Google/Yahoo/Bing would also be reviewed.

Related:

Conservative Firing Line: New York Senate Bill 9191 – Destroying the Bill of Rights

How “Nothing to Hide” Leads to “Nowhere to Hide”

From The Daily BellHow “Nothing to Hide” Leads to “Nowhere to Hide” – Why Privacy Matters in an Age of Tech Totalitarianism

Would you allow a government official into your bedroom on your honeymoon? Or let your mother-in-law hear and record every conversation that takes place in your home or car – especially disagreements with your husband or wife? Would you let a stranger sit in on your children’s playdates so that he could better understand how to entice them with candy or a doll?

Guess what? If you bring your phone with you everywhere, or engage with a whole-house robo helper such as Alexa or Echo or Siri or Google, you’re opening up every aspect of your life to government officials, snooping (possibly criminal) hackers, and advertisers targeting you, your spouse and your children…

When you ask Siri or Echo or Alexa or Google (and others of their ilk) something, it’s great to get an immediate answer… but the corollary is that Siri and Echo and Alexa and Google are listening to every conversation you’re having with your spouse, every fight you’re having with your kids, and every bit of heavy breathing that might be taking place in the dark.

That response inherently grants legitimacy to the search in the first place. The implication is that if you have nothing to “hide,” then the tech companies, the advertisers, the government, etc. should indeed have full access to every aspect of your life…

Technology can lead to convenience, but it can also lead to abuses of power. In its extreme, that is called totalitarianism.

In the end, we must take precautions if we’re to have anything close to liberty. Some of you have, no doubt, read Jonah Goldberg’s excellent book from 2007, Liberal Fascism, the hardcover of which features a smiley face graphic with a Hitler mustache. In the introduction, Mr. Goldberg quotes a segment from a Bill Maher show in which George Carlin says, in essence, (and I’m paraphrasing) that “when fascism comes to America it will be wearing a smiley face.”

I’d go a step further — it will be cloaked in an emoji seemingly innocuous, friendly, and ubiquitous.

We must stop giving away our privacy. We must start thinking about personal “data” as the commodity that it already is, and even as a weapon that can be used against us.

If we don’t stop and reconsider what we’re giving away, not only will there be nothing to hide, but nowhere to hide.

Read the entire article here