Washington, D.C.—The Electronic Frontier Foundation (EFF) asked the U.S. Supreme Court today to reverse a ruling that required Samsung to pay Apple all the profits it earned from smartphones that infringed three basic design patents owned by the iPhone maker.

The $399-million damage award against Samsung, upheld by the United States Court of Appeals for the Federal Circuit in the Apple v. Samsung patent lawsuit, should be thrown out, EFF told the court in an amicus brief filed today with Public Knowledge and The R Street Institute. Forcing defendants to give up 100% of their profits for infringing designs that may only marginally contribute to a product’s overall look and functionality will encourage frivolous lawsuits and lead to excessive damage awards that will raise prices for consumers and deter innovation.

The smartphone design patents at issue in the case include a black rectangular front face with round corners, another for a similar face with a rim and a colorful grid of 16 icons.

"The patent system is supposed to offer fair reward for inventors, not excessive, unfair compensation that threatens our access to technology,” said Vera Ranieri, EFF Staff Attorney. "Such massive windfalls for patent holders will encourage more frivolous lawsuits."

A jury in 2012 held that Samsung’s phones infringed Apple’s utility and design patents; Apple was originally granted $1.05 billion in damages—that amount was later reduced. Samsung appealed to the Federal Circuit, which interpreted, wrongly EFF asserts, that under the Patent Act patent owners are entitled to the entire profit from products that use the patented design. Samsung, EFF, and other technology companies and public interest groups sought and won Supreme Court review of the case.

A more balanced alternative to the improper "winner takes all" approach adopted by the Federal Circuit would be to base damages on how much the infringing designs contributed to the overall value of the smartphones Samsung sold, EFF said.

If the Federal Circuit’s decision is allowed to stand it will create incentives for more design patent lawsuits to flood the courts. Any product or technology that may infringe on a design patent—regardless of whether the infringed design contributes just 1% of the value of a complex product and or whether the patent was intentionally infringed—could trigger the “total profit” rule and allow the patent holder claim 100% of all the profits from the product.

"The Federal Circuit’s reading of the Patent Act was flawed, and we’re asking the Supreme Court to adopt an interpretation that more appropriately balances the interests of patent holders, the industry, and the public," said Ranieri. "There’s good reason to believe that the Federal Circuit’s interpretation will create a cottage industry of abusive patent lawsuits that will enrich clever lawyers at the expense of the public."

San Francisco - The Electronic Frontier Foundation (EFF) urged the Federal Communications Commission (FCC) today to update privacy rules to prevent broadband Internet access service providers from recording and sharing their customers’ every move online.

EFF’s comments are part of the FCC’s rulemaking on consumer privacy and telecommunications services. As broadband providers are uniquely positioned to track every communication and activity—often in real time—the FCC is proposing to update current telecom policy to protect the privacy and security of consumers.

As part of this update, EFF calls on the FCC to enact rules that clearly protect customers’ confidentiality, curtailing data collection to only what is needed to provide Internet access. The current FCC plan includes a tiered consent system, allowing for “implied approval” for sharing personal information, as well as some “opt-in” and “opt-out” sharing. But “implied approval” amounts to treating “no approval” as “approval.” That opens the door to scores of other companies getting information about your online activities without your consent.

“Many decisions about what to do with personal data are done behind customers’ backs, exposing their information to marketers and data brokers without any transparency in the process,” said EFF Staff Technologist Jeremy Gillula. “To protect privacy, you have to have true consent, along with clear data sharing policies and retention and deletion practices. We are asking the FCC to make sure that customers have real control, instead of just an illusion of it.”

Furthermore, EFF advised the FCC to prohibit broadband companies from offering financial inducements in exchange for consent to collect and share personal information.

“Privacy isn’t just for people who can afford it,” said EFF Legislative Counsel Ernesto Falcon. “Customers often don’t understand the implications of giving up personal information—and telecoms aren’t eager to explain the situation clearly—and that’s simply unfair.”

For the full comments to the FCC:
https://www.eff.org/document/effs-comments-fcc-re-broadband-privacy

Fort Belvoir, Virginia—The Electronic Frontier Foundation (EFF) asked a U.S. Army Court of Criminal Appeals Wednesday to overturn Chelsea Manning’s conviction for violating the Computer Fraud and Abuse Act (CFAA), arguing that the law is intended to punish people for breaking into computers systems—something Manning didn’t do. 

Manning is serving a 35-year sentence for her role in the release of approximately 700,000 military and diplomatic records to Wikileaks. She was convicted of 19 counts in all, including one under the CFAA. Her CFAA conviction stems from using unauthorized software to access a State Department database, which was prohibited by the database’s acceptable use policy.

The CFAA makes it illegal to intentionally access a computer connected to the Internet without authorization, but it doesn’t specify what “without authorization” means. Although the CFAA is aimed at computer break-ins, data theft, and destruction of computer systems, overzealous prosecutors have taken advantage of the law’s vague language to bring criminal charges that go beyond Congress’s anti-“hacking” purpose.

"Congress intended to criminalize the act of accessing a computer that you aren’t authorized to access, such as breaking into a corporate computer to steal user data or trade secrets or to spread viruses. The law should not be used to turn a violation of an employer’s computer use restrictions into a federal crime. That’s what happened here," said EFF Legal Fellow Jamie Williams.

In an amicus brief filed Wednesday, EFF told the U.S. Army Court of Criminal Appeals that violating a written policy, which restricted Manning from using unauthorized software to access a State Department database, is not a crime under the CFAA. Because most employers impose one-sided computer use policies on their employees, such an interpretation would potentially turn millions of Americans into criminals on the basis of innocuous activities, like browsing Facebook or viewing online sports scores at work in violation of company policy.

"Three federal circuit courts have recognized that violating computer use policies isn’t a crime under the CFAA, and we’re urging the Army court to follow suit,” said EFF Staff Attorney Andrew Crocker. “We have also urged Congress to adopt Aaron’s Law, named after late programmer and activist Aaron Swartz, who faced CFAA charges. The law which would ensure that people won't face criminal liability for violating terms of service agreements or other solely contractual agreements.”

The Center for Democracy & Technology and the National Association of Criminal Defense Lawyers joined EFF in filing the brief.

For our amicus brief:
https://.eff.org/document/us-v-chelsea-manning-eff-amicus-brief

Correction: an earlier version of this press release misstated the number of documents leaked. It's approximately 700,000 records.

San Francisco—On Thursday and Friday, May 12-13, Electronic Frontier Foundation (EFF) Legal Director Corynne McSherry will participate in public roundtable discussions about the effectiveness of safe harbor provisions of the Digital Millennium Copyright Act (DMCA) at the United States Ninth Circuit James R. Browning Courthouse in San Francisco. The discussions are hosted by the U.S. Copyright Office, which is studying how the provisions impact copyright owners, internet service providers (ISPs) and users—including the ongoing problem of takedown abuse.

Congress passed the provisions—known as Section 512—two decades ago to establish safe harbors that allow service providers to avoid liability for copyright infringing material. Innovation, creativity, and free expression on the Internet are thriving as a result. Section 512 safe harbors have been essential to the modern Internet; without them we couldn’t have a YouTube, a Twitter, a Facebook or whatever comes next.

At the roundtable discussions McSherry will speak about continued takedown abuses, including problems with automated systems and filters for flagging and removing content. She will also discuss EFF’s opposition to proposals requiring ISPs to permanently remove allegedly infringing content, which would amount to the kind of Internet blacklist contemplated by the congressional bills SOPA and PIPA, both promoted by Hollywood but soundly defeated in 2012.

What:
U.S. Copyright Office Section 512 Study Roundtable

Who:
EFF Legal Director Corynne McSherry

When:
Thursday, May 12, 9 a.m. and 1:30 p.m.
Friday, May 13, 1:30 p.m.

Where:
United States Court of Appeals for the Ninth Circuit
James R. Browning Courthouse
95 Seventh St.
San Francisco, California

Washington, D.C.—The Electronic Frontier Foundation (EFF) urged the Federal Communications Commission (FCC) to adopt robust, consumer-friendly “Unlock the Box” rules that will give Americans access to more innovative, useful, and creative devices and software for watching pay cable and satellite television.

The FCC’s proposed “Unlock the Box” rules will allow any manufacturer to create and market devices or apps that will connect consumers to their cable or satellite TV feeds. The proposal will lead to a new generation of navigation devices that let viewers search and play shows on cable, online services, or over-the-air broadcasts from a single clicker, app, or box.

“Unlock the Box” is a long-overdue effort to open up the closed world of TV set-top boxes to competition. For decades pay-TV customers have had no choice but to rent set-top boxes—and while the cost of the TVs and computers they use for viewing has dropped by 90 percent, the cost of cable set-top boxes that often contain three-generations-old technology have risen 185 percent. Recently, some pay-TV companies have begun making some programming available through apps on other devices, but they remain in complete control of the design and function of those apps, while competitors are locked out.

In comments to the FCC today, EFF urged adoption of  “Unlock the Box” rules that maintain user privacy, allow testing by security researchers, and steer clear of loopholes that would enable cable and satellite TV companies to use copyright and other laws to maintain control over consumer devices for navigating TV viewing.

“Clunky, technologically-backwards rental set-top boxes that cost consumers an average of $231 a year and earn billions for cable companies are a frozen artifact of a bygone era. A handful of companies now maintain a monopoly over how consumers access the programming they pay for,’’ said EFF Senior Staff Attorney Mitch Stoltz. “Competition will drive innovation in features and allow consumers to vote with their dollars for devices that are easier to use, have more sophisticated search functions, and integrate multiple sources of programming.”

Cable and satellite companies, movie studios and other major media companies allege “Unlock the Box” rules will lead to unauthorized access to their content, and that building tools for finding and viewing TV content should require permission.

This is nonsense, EFF told the FCC today. The proposed rules don’t permit consumers to access content they haven’t paid for or authorize copying or distribution of TV programming. Copyright laws don’t give rightsholders the power to control the features of your home video devices, or to dictate how you can find and watch the programming that you pay for.

EFF is also urging the FCC to ensure that manufactures of new navigation tools are subject to strong privacy standards that will give consumers the same protections they currently have. EFF warned against giving cable and satellite TV companies authority to decide which devices comply with consumer protection rules—this would only give them another opportunity to attempt to control the device market or exclude competition.

“Consumers need privacy protections, and while competitive device makers aren’t subject to FCC regulations we believe they should be subject to the same legal standards for privacy as cable and satellite TV companies,” said EFF Senior Staff Attorney Lee Tien. “For too long every effort to improve the pay-TV experience for consumers has been derailed by companies that control set-top boxes. If ‘Unlock the Box’ rules are implemented, consumers will be the winners.”

San Francisco—The Electronic Frontier Foundation (EFF) filed a Freedom of Information (FOIA) lawsuit today against the Justice Department to shed light on whether the government has ever used secret court orders to force technology companies to decrypt their customers’ private communications, a practice that could undermine the safety and security of devices used by millions of people.

The lawsuit argues that the DOJ must disclose if the government has ever sought or obtained an order from the Foreign Intelligence Surveillance Court (FISC) requiring third parties—like Apple or Google—to provide technical assistance to carry out surveillance.

The suit separately alleges that the agency has failed to turn over other significant FISC opinions that must be declassified as part of surveillance reforms that Congress enacted with the USA FREEDOM Act.

EFF filed its FOIA requests in October and March amid increasing government pressure on technology companies to provide access to customers’ devices and encrypted communications for investigations. Although the FBI has sought orders from public federal courts to create a backdoor to an iPhone, it is unclear to what extent the government has sought or obtained similar orders from the FISC. The FISC operates mostly in secret and grants nearly every government surveillance request it receives.

The FBI’s controversial attempt to force Apple to build a special backdoor to an iPhone after the San Bernardino attacks underscored EFF’s concerns that the government is threatening the security of millions of people who use these devices daily. Many citizens, technologists and companies expressed similar outrage and concern over the FBI’s actions.

Given the public concern regarding government efforts to force private companies to make their customers less secure, EFF wants to know whether similar efforts are happening in secret before the FISC. There is good reason to think so. News outlets have reported that the government has sought FISC orders and opinions requiring companies to turn over source code so that federal agents can find and exploit security vulnerabilities for surveillance purposes.

Whether done in public or in secret, forcing companies to weaken or break encryption or create backdoors to devices undermines the safety and security of millions of people whose laptops and smartphones contain deeply personal, private information, said EFF Senior Staff Attorney Nate Cardozo.

“If the government is obtaining FISC orders to force a company to build backdoors or decrypt their users’ communications, the public has a right to know about those secret demands to compromise people’s phones and computers,” said Cardozo. “The government should not be able to conscript private companies into weakening the security of these devices, particularly via secret court orders.”

In addition to concerns about secret orders for technical assistance, the lawsuit is also necessary to force the government to comply with the USA FREEDOM Act, said EFF Senior Staff Attorney Mark Rumold. Transparency provisions of the law require FISC decisions that contain significant or novel legal interpretations to be declassified and made public. However, the government has argued that USA FREEDOM only applies to significant FISC decisions written after the law was passed.

“Even setting aside the existence of technical assistance orders, there’s no question that other, significant FISC opinions remain hidden from the public. The government’s narrow interpretation of its transparency obligations under USA FREEDOM is inconsistent with the language of the statute and Congress’ intent,’’ said Rumold. “Congress wanted to bring an end to secret surveillance law, so it required that all significant FISC opinions be declassified and released. Our lawsuit seeks to hold DOJ accountable to the law.”

For the full complaint:
https://www.eff.org/document/fisc-foia-complaint

San Francisco - A media monitoring service that creates a text-searchable database of television and radio content is defending its fair use rights before a federal appeals court. The Electronic Frontier Foundation (EFF), New York University’s Technology Law and Policy Clinic, and Public Knowledge urged the court Wednesday to protect this innovative technology—and others that have yet to be developed—from being shut down by copyright infringement claims.

“Search engines and book digitization have proven the enormous social benefits of indexing and archiving the media,” said EFF Staff Attorney Kit Walsh. “This case is the latest in a long line of copyright-based challenges to these important tools, and it should fail just as the others have.”

In this case, Fox News sued a company called TVEyes, claiming the company’s broadcast content database—used by journalists, scholars, and political campaigns to study and monitor the national media—infringed its copyright in its programming. The district court acknowledged that the service is generally a fair use of copyrighted material, but then, in a second ruling, held that some of the features of the TVEyes database could facilitate infringement, including the ability to share links or search by date and time. In a departure from established legal precedent, the court ruled that this was enough to defeat TVEyes’ fair use defense.

TVEyes appealed to the United States Court of Appeals for the Second Circuit. In an amicus brief filed Wednesday, EFF and its partners argued that the law does not impose liability on a toolmaker based on the possibility that users will misuse a tool, except in limited circumstances not present here and not even alleged by Fox News.

“TVEyes’ liability should not turn on the hypothetical conduct of its users,” said EFF Legal Director Corynne McSherry.  “If the district court decision is upheld, all kinds of new technologies could be at risk. We are asking the appeals court to follow the law and reject Fox News’ claims.”

For the full amicus brief:
https://www.eff.org/document/amicus-brief-37

For more on Fox News v. TVEyes:
https://www.eff.org/cases/fox-news-v-tveyes

San Francisco - The Electronic Frontier Foundation (EFF) urged the United States Court of Appeals for the Fourth Circuit Wednesday to permit Wikimedia and other groups to continue their lawsuit against the NSA over illegal Internet surveillance. A ruling in favor of the plaintiffs in Wikimedia v. NSA would follow the lead of the Ninth Circuit, which allowed EFF’s Jewel v. NSA to go forward despite years of stalling attempts by the government.

In Wikimedia, the American Civil Liberties Union (ACLU) represents nine plaintiffs, including human rights organizations, members of the media, and the Wikimedia Foundation. A federal district judge in Maryland dismissed the case last fall, ruling that the plaintiffs did not have standing to sue. In EFF’s long-running challenge to NSA spying, Jewel, a separate appeals court rightly rejected a similar argument in 2011, and the case is ongoing in federal court. In fact, last Friday, after eight years of litigation in Jewel, a judge authorized EFF to conduct discovery—meaning, for the first time, EFF can begin to compel the government to produce evidence related to the NSA’s surveillance of the nation’s fiber optic Internet backbone.

“We’re well past the point where the government can simply utter ‘national security’ and get these cases dismissed at their outset,” said EFF Staff Attorney Mark Rumold. “We battled back these arguments in Jewel, and now we are asking another appeals court to do the same thing in Wikimedia.”

In the amicus brief filed Wednesday, EFF urges the Fourth Circuit to recognize standing for allegations of harm based on actual past and ongoing surveillance, like those alleged in both Wikimedia and Jewel.

“Jewel, and our recent order allowing us to move forward with discovery, is all the evidence the Fourth Circuit needs to know that cases challenging NSA surveillance can and should go forward,” said Rumold. “The government makes litigating these cases as difficult as possible, but that difficulty doesn’t mean the courts should turn their back on violations of people’s constitutional rights.”

For the full amicus brief:
https://www.eff.org/document/amicus-brief-35

For more on Wikimedia v. NSA:
https://www.eff.org/cases/wikimedia-v-nsa

For more on Jewel v. NSA:
https://www.eff.org/cases/jewel

Chicago—The Electronic Frontier Foundation (EFF) is urging a federal appeals court in Chicago to rule that police need a warrant to access cell phone location records that can reveal our everyday travels—when we leave home, where we go and whom we visit.

In an amicus brief filed Friday in the United States Court of Appeals for the Seventh Circuit, EFF, the American Civil Liberties Union (ACLU), and ACLU of Wisconsin said cell phone location information—data that show where our phones are at a given time and date—generates a comprehensive picture of a person’s movements. Because we carry our phones with us wherever we go, these data can reveal intensely personal information like when we see the doctor, attend a political meeting, or visit friends. Americans have the right to expect that this information remain private and beyond the reach of law enforcement officers unless they first obtain a search warrant.

In this case, U.S. v. Patrick, a Wisconsin man was charged with being a felon in possession of a weapon. Police tracked the man down in real time using location information from his cell phone—obtained either from a phone company or possibly collected using a cell-site simulator, devices known as Stingrays that trick mobile phones into connecting with them. He was located in a car where a gun was found at his feet and arrested. In the brief filed Friday, EFF and the ACLU explain to the court that real-time cell phone location tracking violates the Fourth Amendment’s prohibition against unreasonable search and seizures.

“This is the first time this federal appeals court, whose rulings affect Illinois, Wisconsin and Indiana, is considering whether citizens have an expectation of privacy in real-time cell phone location records,’’ said EFF Senior Staff Attorney Jennifer Lynch. “This case comes as we are seeing a groundswell of recognition that this information is private. Legislatures in the three states covered by the Seventh Circuit have all now prohibited warrantless real-time cell phone. California and at least eight other states also require warrants for real-time tracking.”

There have been conflicting rulings over this issue on the federal level. In 2014 the U.S. Court of Appeals for the Eleventh Circuit in Atlanta ruled that there’s no expectation of privacy in historical cell site location records, so police don’t need a warrant to get them, while the U.S. Court of Appeals for the Fourth Circuit in Richmond, Virginia, last year ruled the opposite.

The U.S. Supreme Court has already recognized that data about where we go can be incredibly revealing and that cell phones hold vast amounts of private information—potentially the sum of an individual’s private life. The court ruled that searching a cell phone found during an arrest and tracking a car using GPS now both require a search warrant.

“The Seventh Circuit should follow the Supreme Court’s lead and recognize that police shouldn’t have unfettered access to records that that can reveal our every move. Law enforcement must be required to get a warrant before accessing the vast amount of private information generated by cell phone location records,’’ said EFF Senior Staff Attorney Adam Schwartz.

San Francisco—The Electronic Frontier Foundation (EFF) is urging a federal appeals court to reinstate a lawsuit seeking to hold Cisco Systems accountable for aiding in human rights abuses by building the Chinese government a system that Cisco officials knew was intended to identify—and facilitate the capture and torture of—members of the Falun Gong religious minority.

In an amicus brief filed Monday with the United States Court of Appeals for the Ninth Circuit, EFF and the groups ARTICLE 19 and Privacy International argue that the plaintiffs sufficiently alleged that Cisco understood that the “Golden Shield” system (also known as The Great Firewall) it custom-built for China was an essential component of the government’s program of persecution against the Falun Gong—persecution that included online spying and tracking, detention, and torture.

In Doe v. Cisco Systems Inc., Falun Gong victims and their families sued Cisco under a law known as the Alien Tort Statute, which allows noncitizens to bring claims in U.S. federal court for violations of human rights laws.  A federal judge dismissed the case, saying the plaintiffs didn’t offer enough support for their claim that Cisco knew the customized features of the Golden Shield enabling the identification and apprehension of Falun Gong practitioners specifically would ultimately lead to torture.

As EFF explains in its brief, the judge misapplied the law.

“The facts alleged by the plaintiffs are sufficient to proceed with a lawsuit claiming Cisco knew that technologies it designed from its offices in San Jose, California, would facilitate human rights abuses, and purposefully built its products to help the Chinese government carry out its program of repressing, capturing, and abusing Falun Gong members,” said EFF Staff Attorney Sophia Cope. “Company officials didn’t have to be present in China in order to assist human rights violations, and victims have a right to their day in court.’’

The Golden Shield system included a library of Falun Gong Internet activity enabling the Chinese government to identify Falun Gong members online, according to the lawsuit. The case also contains strong evidence that Cisco created systems for storing and sharing information about “forced conversion”—i.e. torture—sessions for use as training tools. The cooperation was also documented in internal marketing literature, where a Cisco engineer described the company’s commitment to China’s security objectives, including the “douzheng” of Falun Gong practitioners. Douzheng is a term describing abuse campaigns against disfavored groups comprising of persecution and torture.

“Cisco’s conduct is part of a growing trend of U.S. and European technology companies helping repressive governments become highly efficient at committing human rights violations,” said Cope. “We are asking the Ninth Circuit to recognize that victims of such abuses can seek to hold accomplices like Cisco accountable for their role in brutal persecutions.”

San Francisco - The Electronic Frontier Foundation (EFF) launched new online tracker-testing in its Panopticlick tool today, helping you analyze the privacy protections in your Web browser.

When you visit a website, online trackers and the site itself may be able to identify you, and the records of your online activity can then be distributed among a vast network of advertising exchanges, data brokers, and tracking companies. Many people install ad- or tracker-blockers to try to protect themselves, but it can be hard to know how effective they are. Panopticlick will check your browser and your add-ons and assess the privacy protections users have in place. It can also suggest remedies for under-protected browsers.

But even if you have strong tracker blocking installed on your computer, you could still be identified by what’s called a “browser fingerprint.” That’s the combination of factors such as your operating system, your browser, and plug-ins.  Panopticlick also analyzes the uniqueness of your browser to see if you are still at risk from this kind of data-gathering, even if you have privacy-protective software installed.
 
“Have you ever felt like ads you see online have an uncanny knowledge of your browsing habits? It’s creepy, and a sign you are being tracked,” said EFF Chief Computer Scientist Peter Eckersley. “When you visit Panopticlick and click on the ‘test me’ button, the site simulates the loading of various tracking technologies. Then you get a report to help you understand what protections you have in place, and what’s missing. Panopticlick is a great way to boost your privacy as you read, shop, and interact with websites throughout your day.”

Fighting for user privacy on the Web can feel like an uphill battle, with advertisers and marketers changing their tactics and technologies at a lightning pace. Panopticlick will also do double-duty as a research project for EFF, collecting anonymous data for technologists to analyze so they can improve privacy tools like EFF’s Privacy Badger and develop others down the road.

“Online data-gatherers use tactics that are complex, subtle, and ever-evolving,” said EFF Software Engineer Bill Budington. “Panopticlick is a way for you to help protect yourself, as well as help contribute to our understanding of online tracking more generally.”

For Panopticlick:
https://panopticlick.eff.org/

San Francisco—The Electronic Frontier Foundation (EFF) filed a complaint today with the Federal Trade Commission (FTC) against Google for collecting and data mining school children’s personal information, including their Internet searches—a practice EFF uncovered while researching its “Spying on Students” campaign, which launched today.

The campaign was created to raise awareness about the privacy risks of school-supplied electronic devices and software. EFF examined Google’s Chromebook and Google Apps for Education (GAFE), a suite of educational cloud-based software programs used in many schools across the country by students as young as seven years old.

While Google does not use student data for targeted advertising within a subset of Google sites, EFF found that Google’s “Sync” feature for the Chrome browser is enabled by default on Chromebooks sold to schools. This allows Google to track, store on its servers, and data mine for non-advertising purposes, records of every Internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords. Google doesn’t first obtain permission from students or their parents and since some schools require students to use Chromebooks, many parents are unable to prevent Google’s data collection.

Google’s practices fly in the face of commitments made when it signed the Student Privacy Pledge, a legally enforceable document whereby companies promise to refrain from collecting, using, or sharing students’ personal information except when needed for legitimate educational purposes or if parents provide permission.

“Despite publicly promising not to, Google mines students’ browsing data and other information, and uses it for the company’s own purposes. Making such promises and failing to live up to them is a violation of FTC rules against unfair and deceptive business practices,” said EFF Staff Attorney Nate Cardozo. “Minors shouldn’t be tracked or used as guinea pigs, with their data treated as a profit center. If Google wants to use students’ data to ‘improve Google products,’ then it needs to get express consent from parents.”

Google told EFF that it will soon disable a setting on school Chromebooks that allows Chrome Sync data, such as browsing history, to be shared with other Google services. While that is a small step in the right direction, it doesn’t go nearly far enough to correct the violations of the Student Privacy Pledge currently inherent in Chromebooks being distributed to schools.

EFF’s filing with the FTC also reveals that the administrative settings Google provides to schools allow student personal information to be shared with third-party websites in violation of the Student Privacy Pledge. The ability to collect and potentially share student information follows children whenever they use Chrome to log into their Google accounts, whether on a parents’ Apple iPad, friend’s smartphone or home computer. 

“We commend schools for bringing technology into the classroom. Chromebooks and Google Apps for Education have enormous benefits for teaching and preparing students for the future. But devices and cloud services used in schools must, without compromise or loopholes, protect student privacy,” said EFF Staff Attorney Sophia Cope. “We are calling on the FTC to investigate Google’s conduct, stop the company from using student personal information for its own purposes, and order the company to destroy all information it has collected that’s not for educational purposes.”

EFF’s “Spying on Students” project aims to educate parents and school administrators to the risks of data collection by companies supplying technology tools used by students. The website provides facts on how data is collected, a case study, links to resources for parents and school officials, and tips for improving privacy. 

Michael Godbe, a Fall 2015 EFF Legal Intern, helped prepare the FTC complaint, and Annelyse Gelman, EFF activist intern, helped prepare education material for the project.

To view the FTC complaint:
https://www.eff.org/document/ftc-complaint-google-education

For more information on EFF’s “Spying on Students” project:
https://www.eff.org/issues/student-privacy/

San Francisco—Californians who’ve merely been arrested and not charged, much less convicted of a crime, have a right to privacy when it comes to their genetic material, EFF said in an amicus brief filed Nov. 13 with the state’s highest court.

EFF is urging the California Supreme Court to hold that the state’s arrestee DNA collection law violates privacy and search and seizure protections guaranteed under the California constitution. The law allows police to collect DNA from anyone arrested on suspicion of a felony—without a warrant or any finding by a judge that there was sufficient cause for the arrest. The state stores arrestees’ DNA samples indefinitely, and allows access to DNA profiles by local, state, and federal law enforcement agencies.

EFF is weighing in on People v. Buza, a case involving a San Francisco man who challenged his conviction for refusing to provide a DNA sample after he was arrested. EFF argues that the state should not be allowed to collect DNA from arrestees because our DNA contains our entire genetic makeup—private and personal information that maps who we are, where we come from, and who we are related to. Arrestees, many of whom will never be charged with or convicted of a crime, have a right to keep this information out of the state’s hands.

“Nearly a third of those arrested for suspected felonies in California are later found to be innocent in the eyes of the law. Hundreds of thousands of Californians who were once in custody but never charged still have their DNA stored in law enforcement databases, subject to continuous searches,” said EFF Senior Staff Attorney Jennifer Lynch. “This not only violates the privacy of those arrested, it could impact their family members who may someday be identified through familial searches. The court must recognize that warrantless and suspicionless DNA collection from arrestees puts us on a path towards a future where anyone’s DNA can be gathered, searched, and used for surveillance.”

California officials argue that the court should follow the lead of the U.S. Supreme Court, which ruled in Maryland v. King that citizens’ privacy rights are outweighed by the government’s need to use DNA to identify arrestees, just as it uses fingerprints.

But DNA samples contain our entire genome—fingerprints don’t. What’s more, Maryland limits DNA collection to those arrested and subsequently charged for serious offenses—in 2013 that amounted to 17,400 arrests. In California, all of the nearly 412,000 felony arrests that same year were subject to DNA collection. Maryland also prohibits familial searches and requires DNA samples to be automatically expunged from databases and destroyed if a person is never charged with or convicted of the crime leading to arrest. California law doesn’t prohibit familial searches, and the state makes it extremely difficult for citizens to have their DNA records removed from the system.

“A lower court in this case correctly recognized that California’s DNA collection law deeply intrudes on the privacy interests of arrestees. The California Supreme Court should come to the same conclusion and strike it down,” said Lynch.

Law professors at UC Davis School of Law, New York University School of Law, Georgia State University College of Law, and UC Berkeley School of Law,  as well the Office of the Maryland Public Defender and the National Association of Criminal Defense Lawyers joined EFF in filing the brief.

Washington, D.C. - The Librarian of Congress has granted security researchers and others the right to inspect and modify the software in their cars and other vehicles, despite protests from vehicle manufacturers. The Electronic Frontier Foundation (EFF) filed the request for software access as part of the complex, triennial rulemaking process that determines exemptions from Section 1201 of the Digital Millennium Copyright Act (DMCA).

Because Section 1201 prohibits unlocking “access controls” on the software, car companies have been able to threaten legal action against anyone who needs to get around those restrictions, no matter how legitimate the reason. While the copyright office removed this legal cloud from much car software research, it also delayed implementation of the exemption for one year.

“This ‘access control’ rule is supposed to protect against unlawful copying,” said EFF Staff Attorney Kit Walsh. “But as we’ve seen in the recent Volkswagen scandal—where VW was caught manipulating smog tests—it can be used instead to hide wrongdoing hidden in computer code. We are pleased that analysts will now be able to examine the software in the cars we drive without facing legal threats from car manufacturers, and that the Librarian has acted to promote competition in the vehicle aftermarket and protect the long tradition of vehicle owners tinkering with their cars and tractors. The year-long delay in implementing the exemptions, though, is disappointing and unjustified. The VW smog tests and a long run of security vulnerabilities have shown researchers and drivers need the exemptions now.”

EFF also won an exemption for users who want to play video games after the publisher cuts off support. For example, some players may need to modify an old video game so it doesn’t perform a check with an authentication server that has since been shut down. The Librarian also granted EFF’s petition to renew a previous exemption to jailbreak smartphones, and extended that to other mobile devices, including tablets and smartwatches. This clarifies the law around jailbreaking, making clear that users are allowed to run operating systems and applications from any source, not just those approved by the manufacturer. EFF also won the renewal and partial expansion of the exemptions for remix videos that use excerpts from DVDs, Blu-Ray discs, or downloading services.

 “We’re pleased that the Librarian of Congress and the Copyright Office have expanded these legal protections to users of newer products like tablets, wearable computers, and Blu-Ray discs,” said EFF Senior Staff Attorney Mitch Stoltz.

Today’s ruling is a victory for users, artists, and researchers.  However, the laborious process required to remove a legal cloud over clear fair uses highlights the need for fundamental reforms.

“It’s absurd that we have to spend so much time, every three years, filing and defending these petitions to the copyright office. Technologists, artists, and fans should not have to get permission from the government—and rely on the contradictory and often nonsensical rulings—before investigating whether their car is lying to them or using their phone however they want,” said EFF Legal Director Corynne McSherry. “But despite this ridiculous system, we are glad for our victories here, and that basic rights to modify, research, and tinker have been protected.”

EFF's remix petition was drafted and co-submitted with the Organization for Transformative Works. EFF’s remaining petitions received invaluable assistance from the NYU Technology Law & Policy Clinic, attorney Marcia Hofmann, and former EFF intern Kendra Albert.

For the full ruling from the Library of Congress:
http://copyright.gov/1201/2015/fedreg-publicinspectionFR.pdf

For more on the DMCA rulemaking:
https://www.eff.org/cases/2015-dmca-rulemaking

San Francisco­—The Electronic Frontier Foundation (EFF) and the ACLU Foundation of Southern California (ACLU SoCal) are urging California’s highest court to rule that license plate data, collected indiscriminately on millions of drivers by police across the state, are not investigative records and should be made available to the public.

EFF and ACLU SoCal argued in a brief filed today with the California Supreme Court that citizens need access to automated license plate reader (ALPR) records to understand exactly how this intrusive technology is used.

ALPRs are high-speed cameras mounted on light poles and police cars that continuously scan the plates of every passing car. They collect not only the license plate number but also the time, date, and location of each plate scanned, along with a photograph of the vehicle and sometimes its occupants. The Los Angeles Police Department (LAPD) and the Los Angeles County Sheriff's Department (LASD) collect, on average, three million plate scans every week and have amassed a database of half a billion records.

EFF filed public records requests for a week’s worth of ALPR data from the agencies and, along with ACLU SoCal, sued after both refused to release the records.

EFF and ACLU SoCal are now asking the state supreme court to overturn a ruling in the case from a lower court that said all license plate data—collected indiscriminately and without suspicion that the vehicle or driver was involved in a crime—could be withheld from disclosure as “records of law enforcement investigations.”

“That argument is tantamount to saying all drivers in Los Angeles are under criminal investigation at all times,’’ said EFF Senior Staff Attorney Jennifer Lynch. “The ruling sets a troubling standard that would not just allow these agencies to keep ALPR data from the public but could also allow the police to keep data and footage from other surveillance technologies—from body cameras to drones to face recognition—from ever being scrutinized.”

“Drivers would be surprised to learn that they are under investigation every time they drive in public,” said Peter Bibring, director of police practices at the ACLU SoCal. “The Fourth Amendment was added to the U.S. Constitution exactly to prevent law enforcement from conducting mass, suspicionless investigations under ‘general warrants’ that target no specific person or place and never expire.” 

Contact:

Jennifer Lynch
Senior Staff Attorney
Electronic Frontier Foundation
jlynch@eff.org

Sandra Hernandez
Director of Communications
ACLU of Southern California
+1 213-977-9500 x247

Stanford, California—On Wednesday, October 21, at 12:45 pm, the Electronic Frontier Foundation (EFF) will urge a federal appeals court to order the U.S. government to disclose information about its role in facilitating exports of American-made surveillance tools to foreign nations.

The hearing is part of a Freedom of Information Act (FOIA) lawsuit against the U.S. Commerce Department, which denied a request seeking disclosure of export applications for surveillance technologies. The agency has argued that it could withhold the documents under a 1979 law—even though that law expired in 2001. In July 2013, a federal judge agreed with EFF, finding the lapsed law did not justify withholding the information. He ordered the records disclosed, and the government appealed that decision.

At Wednesday’s hearing, EFF Staff Attorney Mark Rumold will argue that the government can’t resurrect dead laws to keep information from the public. “EFF’s FOIA request would shed light on the role our government plays when technology companies export spying equipment to nations that don’t respect human rights. The government can’t rely on a law that expired almost 15 years ago to hide this critical information from the public,’’ said Rumold. 

The hearing is being held at Stanford Law School in a special sitting of the U.S. Court of Appeals for the Ninth Circuit.

What:
EFF v. U.S. Department of Commerce

When:
Wednesday, Oct. 21
12:45 pm

Where:
Stanford Law School
Room 80 Moot Courtroom
559 Nathan Abbott Way
Stanford, CA 94305

For more on this case:
https://eff.org/cases/eff-v-us-department-commerce

San Francisco—The Electronic Frontier Foundation (EFF) today launched the Offline project, a campaign devoted to digital heroes—coders, bloggers, and technologists—who have been imprisoned, tortured, and even sentenced to death for raising their voices online or building tools that enable and protect free expression on the Internet.

The Offline project initially presents five cases of silenced pioneers, including the personal stories of technologists like Saeed Malekpour, a Canadian programmer who wrote software for uploading photos to the Web. While visiting Iran, Malekpour was kidnapped, thrown in prison, beaten, tortured, and given a death sentence by an Iranian court. His case, and other cases of coders and online journalists imprisoned by governments for their work in the digital world, have received little attention in the mainstream media and online community.

Offline aims to change that by collecting these important stories and providing links and resources about what the online community can do to support them, defend their names, and keep them safe. More cases will be added to the project in the future.

“Oppressive regimes are silencing those whose work or voices they wish to squelch by throwing them in jail. Offline will shed much-needed attention on these technologists and encourage digital citizens to join campaigns advocating for their freedom," said Danny O’Brien, EFF’s international director. “We see a clear connection between innovators who work to build an open Internet in relative safety and colleagues doing similar work who have been silenced and cut off from the online world we share. We hope to strengthen that association in order to help keep all technologists safe regardless of where they live or travel."

Offline was created in response to an alarming increase in the number of technologists detained or threatened with prison for their work. Another example is tech pioneer Bassel Khartabil, a Palestinian-Syrian software developer who wrote and shared free code as well as information about his home country of Syria. He was arrested and charged in a bid to stifle access to news and free expression. 

“It's a tragedy that our friend and co-developer Bassel is imprisoned, when Syria and the world so badly need his skills and commitment to open, peaceful collaboration," said Jon Phillips, Bassel’s colleague and organizer of the #freebassel campaign. “Until he is free, maintaining the visibility of his situation is vital to shielding him from harm and keeping his spirits up."

Advocacy and campaigns on behalf of imprisoned technologists can make a difference. Saeed Malekpour’s original death penalty was reduced to life imprisonment in 2012 after an international outcry over his sentencing.

“Our past experience has shown that when you shine a light on these prisoners of conscience, sentences are often reduced and conditions improved," said Jillian C. York, EFF’s director for international freedom of expression.

San Francisco – A federal appeals court in San Francisco today affirmed that copyright holders must consider whether a use of material is fair before sending a takedown notice. The ruling came in Lenz v. Universal, often called the “dancing baby” lawsuit.

The Electronic Frontier Foundation (EFF) represents Stephanie Lenz, who—back in 2007—posted a 29-second video to YouTube of her children dancing in her kitchen. The Prince song “Let’s Go Crazy” was playing on a stereo in the background of the short clip. Universal Music Group sent YouTube a notice under the Digital Millennium Copyright Act (DMCA), claiming that the family video infringed the copyright in Prince’s song. EFF sued Universal on Lenz’s behalf, arguing that Universal abused the DMCA by improperly targeting a lawful fair use.

Today, the United States Court of Appeals for the Ninth Circuit ruled that copyright holders like Universal must consider fair use before trying to remove content from the Internet. It also rejected Universal’s claim that a victim of takedown abuse cannot vindicate her rights if she cannot show actual monetary loss.

“Today’s ruling sends a strong message that copyright law does not authorize thoughtless censorship of lawful speech,” said EFF Legal Director Corynne McSherry. “We’re pleased that the court recognized that ignoring fair use rights makes content holders liable for damages.”

Today’s ruling in the Lenz case comes at a critical time. Heated political campaigns—like the current presidential primaries—have historically led to a rash of copyright takedown abuse. Criticism of politicians often includes short clips of campaign appearances in order to make arguments to viewers, and broadcast networks, candidates, and other copyright holders have sometimes misused copyright law in order to remove the criticism from the Internet.

“The decision made by the appeals court today has ramifications far beyond Ms. Lenz’s rights to share her video with family and friends,” said McSherry. “We will all watch a lot of online video and analysis of presidential candidates in the months to come, and this ruling will help make sure that information remains uncensored.”

Keker & Van Nest LLP serves as co-counsel on Lenz v. Universal.

For the full decision from the Ninth Circuit:
https://www.eff.org/document/9th-circuit-opinion-lenz

For more on this case:
https://www.eff.org/cases/lenz-v-universal

Washington D.C.—Americans have the right to expect that digital records of their daily travels—when they left home, where they went, and how long they stayed—is private information, the Electronic Frontier Foundation (EFF) said in an amicus brief filed with the Supreme Court of the United States.

Weighing in on one of the most important digital privacy rights cases of the year, EFF is asking the court to hear arguments in Davis v. U.S., a federal criminal case from Florida that examines whether police need a search warrant to obtain historical cell site location information (CSLI). These records show law enforcement which cell phone towers your phone has connected to in the past. In this case, police obtained 67 days of records about defendant Quartavious Davis without a warrant and used them to implicate him in various robberies.

In the brief filed Monday, EFF and other advocacy groups argue that the ubiquity of cell phone use in this country—along with a clear increase in law enforcement demands for cell site records and conflicting court rulings about the need for search warrants—means the U.S. Supreme Court should grant review in Davis’s case.

“It’s time for law enforcement to recognize that Americans’ physical location information is sensitive, and private, and protected by the Fourth Amendment’s guarantee against unreasonable searches and seizures,’’ said EFF Senior Staff Attorney Hanni Fakhoury. “Cell phones are an integral part of modern life and carry detailed information about where we go and when we travel. Many federal and state courts have already ruled that cell site information is protected under the Fourth Amendment. We are urging this country’s highest court to afford all Americans this important protection from law enforcement unless there’s a search warrant.’’

The request for Supreme Court review comes after the U.S. Court of Appeals for the Eleventh Circuit found Davis did not have an expectation of privacy in historical cell site records, meaning police did not need to obtain a search warrant before requesting and receiving his location data. This decision conflicts both with an earlier decision from the Florida Supreme Court, and a later decision from the U.S. Court of Appeals for the Fourth Circuit, which found people do have an expectation of privacy in these records, so police need a warrant to get them. More critically, the Eleventh Circuit’s decision ignores the modern reality of cell phone use: nearly everyone carries one, leaving a digital trail that could potentially be accessed at any time. Without a strong ruling from the highest court, the public and police are left with conflicting guidance about the level of constitutional protection for this sensitive location information.

“The U.S. Supreme Court has already ruled in Riley v. California that cell phones hold vast amounts of private information, potentially the sum of an individual’s private life, and searching that data requires a search warrant,’’ said EFF Senior Staff Attorney Jennifer Lynch. ‘’We believe it’s high time that the government recognize that cell phones not only hold our private data, they also generate data—stored with cell phone companies—about our private movements and travels. The government shouldn’t be allowed unfettered access to this information without first going to court and obtaining a warrant.’’

San Francisco—The Electronic Frontier Foundation (EFF) filed a Freedom of Information Act (FOIA) lawsuit against the Department of Justice (DOJ) and the FBI to gain access to documents revealing the government’s plans to use Rapid DNA. The FBI said it found no records responsive to EFF’s FOIA requests, even though it’s been working to roll out Rapid DNA and lobbying Congress to approve nationwide use for more than five years.

Rapid DNA analyzers—laser printer-sized, portable machines that allow anyone to process a DNA sample in as little as 50 minutes—are the newest frontier in DNA collection and profiling in law enforcement. With Rapid DNA, the police can collect a a DNA sample from a suspect, extract a profile, and match that profile against a database in less time than it takes to book someone—and it’s all done by non-scientists in the field, well outside an accredited lab.

“EFF has long been concerned about the privacy risks associated with collecting, testing, storing and sharing of genetic data. The use of Rapid DNA stands to vastly increase the collection of DNA, because it makes it much easier for the police to get it from anyone they want, whenever they want. The public has a right to know how this will be carried out and how the FBI will protect peoples’ privacy,” said Jennifer Lynch, EFF senior staff attorney. ‘’Rapid DNA can’t accurately extract a profile from evidence containing commingled body fluids, increasing the risk that people could be mistakenly linked to crimes they didn’t commit.’’

The FBI has been working with manufacturers for years on a program to develop Rapid DNA and incorporate Rapid DNA profiles into a national DNA database used by crime labs and law enforcement agencies across the country. While some local police stations are already using Rapid DNA, the FBI can’t allow Rapid DNA profiles generated outside accredited laboratories into the database or the Combined DNA Index System (CODIS) until lab validation rules are modified and Congress amends DNA laws—something the agency and Rapid DNA technology makers have been lobbying lawmakers for. 

Despite briefing Congress and discussing plans at biometric conferences, the FBI hasn’t disclosed full information about its Rapid DNA project. EFF filed FOIA requests with the FBI seeking documents from 2012 to the present about these plans.

 “Incredibly, the FBI told us it found no records responsive to our requests. Even though it has been funding and working with manufacturers to develop the technology, and has a whole webpage devoted to the subject, the FBI said it couldn’t locate a single document about this major effort to use Rapid DNA,” said Lynch. “The FBI shouldn’t be allowed to hide its plans to develop a technology that could have a huge impact on genetic privacy. We are asking a court to order DOJ to turn over documents we requested so we and the communities where Rapid DNA is being deployed can review the program.”

For this complaint:
https://www.eff.org/document/rapid-dna-foia-complaint-0

For more on DNA collection:
https://www.eff.org/foia/dna-collection

San Francisco - The Electronic Frontier Foundation (EFF) today released Privacy Badger 1.0, a browser extension that blocks some of the sneakiest trackers that try to spy on your Web browsing habits.

More than a quarter of a million users have already installed the alpha and beta releases of Privacy Badger. The new Privacy Badger 1.0 includes blocking of certain kinds of super-cookies and browser fingerprinting—the latest ways that some parts of the online tracking industry try to follow Internet users from site to site.

“It’s likely you are being tracked by advertisers and other third parties online. You can see some of it when it’s happening, such as ads that follow you around the Web that seem to reflect your past browsing history,” said EFF Staff Technologist Cooper Quintin, lead developer of Privacy Badger. “Those echoes from your past mean you are being tracked, and the records of your online activity are distributed to other third parties—all without your knowledge, control, or consent. But Privacy Badger 1.0 will spot many of the trackers following you without your permission, and will block them or screen out the cookies that do their dirty work.”

Privacy Badger 1.0 works in tandem with the new Do Not Track (DNT) policy, announced earlier this week by EFF and a coalition of Internet companies. Users can set the DNT flag—in their browser settings or by installing Privacy Badger—to signal that they want to opt-out of online tracking. Privacy Badger won’t block third-party services that promise to honor all DNT requests.

“With DNT and Privacy Badger 1.0, Internet users have important new tools to make their desires about online tracking known to the websites they visit and to enforce those desires by blocking stealthy online tracking and the exploitation of their reading history,” said EFF Chief Computer Scientist Peter Eckersley, leader of the DNT project. “It’s time to put users back in control and stop surreptitious, intrusive Internet data collection. Installing Privacy Badger 1.0 helps build a leaner, cleaner, privacy-friendly Web.”

To download Privacy Badger 1.0:
https://www.eff.org/privacybadger

For more on the new Do Not Track policy:
https://www.eff.org/dnt-policy

San Francisco – Responding to a troubling rise in law enforcement’s use of high-tech surveillance devices that are often hidden from the communities where they’re used, the Electronic Frontier Foundation (EFF) today launched the Street-Level Surveillance Project (SLS), a Web portal loaded with comprehensive, easy-to-access information on police spying tools like license plate readers, biometric collection devices, and “Stingrays.’’

The SLS Project addresses an information gap that has developed as law enforcement agencies deploy sophisticated technology products that are supposed to target criminals but that in fact scoop up private information about millions of ordinary, law-abiding citizens who aren’t suspected of committing crimes. Government agencies are less than forthcoming about how they use these tools, which are becoming more and more sophisticated every year, and often hide the facts about their use from the public. What’s more, police spying tools are being used first in low-income, immigrant, and minority communities­—populations that may lack access to information and resources to challenge improper surveillance.

“Law enforcement agencies at the federal, state, and local level are increasingly using sophisticated tools to track our cell phone calls, photograph our vehicles and follow our driving patterns, take our pictures in public places, and collect our fingerprints and DNA. But the public doesn’t know much about those tools and how they are used,’’ said EFF Senior Staff Attorney Jennifer Lynch. “The SLS Project provides a simple but in-depth look at how these surveillance technologies work, who makes and uses them, and what kind of data they are collecting. We hope that community groups, advocacy organizations, defense attorneys, and individuals all take advantage of the information we’ve gathered.”

The SLS Project website went live today with extensive information on biometric technologies which collect fingerprints, DNA, and face prints as well as on automated license plate readers (ALPRs)—cameras mounted on patrol cars and on city streets that scan and record the plates of millions of cars across the country. Each topic includes explainers, FAQs, infographics, and links to EFF’s legal work in courts and legislatures. Information about “Stingrays’’—devices that masquerade as cell phone towers and trick mobile phones into connecting with them to track phone locations in real time—drones, and other surveillance technologies will be added in the coming months.

“The public has heard or read so much about NSA spying, but there’s a real need for information and resources about surveillance tools being used by local law enforcement on our home turf. These technologies are often adopted in a shroud of secrecy, but communities deserve to understand these technologies and how they may be violating our rights,’’ said EFF Activist Nadia Kayyali. “The SLS Project is a much-needed tool that can help communities under surveillance start a conversation about how to advocate for limiting or stopping their use.’’

For Street-Level Surveillance Project:
https://www.eff.org/sls

Washington, D.C. - On Tuesday, July 14, at 2 pm, the Electronic Frontier Foundation (EFF) will urge a federal court to allow an American to proceed with his lawsuit against the Ethiopian government for infecting his computer with secret spyware, wiretapping his private calls, and monitoring his family’s every use of the computer for weeks on end.

EFF is representing the plaintiff in this case, who has been given permission by the court to allow him to use his pseudonym Mr. Kidane in order to protect the safety and well-being of his family both in the United States and Ethiopia. The Ethiopian government’s U.S. lawyers have asked to have the case dismissed, claiming that foreign governments have a right wiretap Americans inside their own homes without court oversight, a right that not even the U.S. government claims for itself. EFF Staff Attorney Nate Cardozo will argue Tuesday that Ethiopia must answer in court for the illegal spying on Mr. Kidane. The case is also supported by the law firm of Robins, Kaplan, Miller and Ciresi, LLP.

The spyware that EFF’s experts found on Mr. Kidane’s computer appears to be part of a systemic campaign by the Ethiopian government to spy on perceived political opponents.  The malware in this case was a program called FinSpy, surveillance software marketed exclusively to governments by the Gamma Group of Companies. Just recently, leaked documents have shown that a competing spyware company called Hacking Team has also provided covert surveillance software to Ethiopia, which was used to spy on journalists critical to the current government.

WHAT:
Kidane v. Ethiopia

WHEN:
Tuesday, July 14
2 pm

WHERE:
United States District Court for the District of Columbia
Courtroom 21
333 Constitution Ave NW
Washington, DC 20001

For more on this case:
https://www.eff.org/cases/kidane-v-ethiopia

San Francisco ­– The Electronic Frontier Foundation (EFF) today filed lawsuits against the U.S. Department of Justice and the California Attorney General’s office demanding records that shed light on a secret drug enforcement program that allows federal and local law enforcement agents to obtain citizens’ phone call records from AT&T.

The ''Hemisphere'' program, which is funded by the Drug Enforcement Administration (DEA) and the White House’s Office of National Drug Control Policy (ONDCP), places AT&T employees within law enforcement agencies to help investigators get quick access to call records stored with the company, according to a New York Times report from 2013. Hemisphere covers all calls passing through an AT&T switch—not just those made by AT&T customers—and includes calls going back to 1987, the Times revealed. Investigators using the program were urged to ''keep the program under the radar'' and use the call records in such a way as to keep Hemisphere’s information ''walled off'' from public scrutiny, according to government documents disclosed by the Times.

EFF filed Freedom of Information Act and Public Records Act requests last year, looking for answers about Hemisphere. But the Justice Department and the California Attorney General released only heavily and improperly redacted records, withholding important information about the program and how it is used by law enforcement. In lawsuits filed in both state and federal court in San Francisco today, EFF asked judges to order the Justice Department and California to turn over the requested records.

''The federal government, specifically the Drug Enforcement Administration, has taken pains to hide its use of Hemisphere, telling police agencies to 'never refer to Hemisphere in any official document,''' said Hanni Fakhoury, EFF senior staff attorney. ''The public has a right to know about this vast phone call records program.''

White House records disclosed by the New York Times revealed that Hemisphere is coordinated in part through the California Attorney General’s Los Angeles Regional Criminal Information Clearing House (LACLEAR), an intelligence support center for Los Angeles drug enforcement activities.

EFF’s request under the California Public Records Act asked LACLEAR for documents about its involvement in Hemisphere, including training materials, contracts between it and federal agencies, and communications about the use of program between LACLEAR and federal and state agencies. However, after a lengthy delay, LACLEAR produced only 99 pages of PowerPoint presentations about training—many of which were redacted in full to hide the names of police squads that used Hemisphere and the law enforcement agencies involved in the Hemisphere request process.

The Justice Department similarly withheld documents, providing only heavily redacted, and essentially worthless, records after EFF filed its FOIA request in February 2014.

''These lawsuits seek transparency over a program that allows law enforcement agencies to tap into a vast phone record database without court oversight,'' said Jennifer Lynch, EFF senior staff attorney. ''The agencies are misusing public records laws to hide information that is crucial to understanding how the Hemisphere program is being used.''

For more on these cases:
https://eff.org/cases/hemisphere