EFF update

This interview has been edited for clarity and length.*

Obioma Okonkwo is a lawyer and human rights advocate. She is currently the Head of Legal at Media Rights Agenda (MRA), a non-governmental organization based in Nigeria whose focus is to promote and defend freedom of expression, press freedom, digital rights and access to information within Nigeria and across Africa. She is passionate about advancing freedom of expression, media freedom, access to information, and digital rights. She also has extensive experience in litigating, researching, advocating and training around these issues. Obioma is an alumnus of the Open Internet for Democracy Leaders Programme, a fellow of the African School of Internet Governance, and a Media Viability Ambassador with the Deutsche Welle Akademie.

 York: What does free speech or free expression mean to you?

In my view, free speech is an intrinsic right that allows citizens, journalists and individuals to express themselves freely without repressive restriction. It is also the ability to speak, be heard, and participate in social life as well as political discussion, and this includes the right to disseminate information and the right to know. Considering my work around press freedom and media rights, I would also say that free speech is when the media can gather and disseminate information to the public without restrictions.

 York: Can you tell me about an experience in your life that helped shape your views on free speech?

 An experience that shaped my views on free speech happened in 2013, while I was in University. Some of my schoolmates were involved in a ghastly car accident—as a result of a bad road—which resulted in their death. This led the students to start an online campaign demanding that the government should repair the road and compensate the victims’ families. Due to this campaign, the road was repaired and the victims’ families were compensated.  Another instance is the #End SARS protest, a protest against police brutality and corrupt practices in Nigeria. People were freely expressing their opinions both offline and online on this issue and demanding for a reform of the Nigerian Police Force. These incidents have helped shape my views on how important the right to free speech is in any given society considering that it gives everyone an avenue to hold the government accountable, demand for justice, as well as share their views about how they feel about certain issues that affect them as an individual or group.  

 York: I know you work a bit on press freedom in Nigeria and across Africa. Can you tell me a bit about the situation for press freedom in the context in which you’re working?

 The situation for press freedom in Africa—and particularly Nigeria—is currently an eye sore. The legal and political environment is becoming repressive against press freedom and freedom of expression as governments across the region are now posing themselves as authoritarian. And they have been making several efforts to gag the media by enacting draconian laws, arresting and arbitrarily detaining journalists, imposing fines, and closing media outlets, amongst many other actions.

In my country, Nigeria, the government has resorted to using laws like the Cybercrime Act of 2015 and the Criminal Code Act, among other laws, to silence journalists who are either exposing their corrupt practices, sharing dissenting views, or holding them accountable to the people. For instance, journalists like Agba Jalingo, Ayodele Samuel, Emmanuel Ojo and Dare Akogun – just to mention a few who have been arrested, detained, or charged to court under these laws. In the case of Agba Jalingo, he was arrested and detained for over 100 days after he exposed the corrupt practices of the Governor of Cross River, a state in Nigeria.

 The case is the same in many African countries including Benin, Ghana, and Senegal. Journalists are arrested, detained, and sent to court for performing their journalistic duty. Ignace Sossou, a journalist in Benin, was sent to court and imprisoned under the Digital Code for posting the statement of the Minister of justice  on his Facebook’s account. The reality right now is that governments across the region are at war against press freedom and journalists who are purveyors of information.

 Although this is what press freedom looks like across the region, civil society organizations are fighting back to protect press freedom and freedom of  expression.  To create an enabling environment for press freedom, my organization, Media Rights Agenda (MRA) has been making several efforts such as instituting lawsuits before the national and regional courts challenging these draconian laws; providing pro bono legal representation to journalists who are arrested, detained, or charged; and engaging various stakeholders on this issue. 

 York: Are you working on the issue of online regulation and can you tell us the situation of online speech in the region?

 As the Head of Legal with MRA, I am actively working around the issue of online regulation to ensure that the rights to press freedom, freedom of expression, access to information, and digital rights are promoted and protected online. The region is facing an era of digital authoritarianism as there is a crackdown on online speech. In the context of my country, the Nigerian Government has made several attempts to regulate the internet or introduce social media bills under the guise of combating cybercrimes, hate speech, and mis/disinformation. However, diverse stakeholders – including civil society organizations like my organization – have, on many occasions, fought against these attempts to regulate online speech for the reason that these proposed bills will not only limit freedom of expression, press freedom, and other digital rights. They will also shrink the civic space online, as some of their provisions are overly broad and governments are known for using laws like this arbitrarily to silence dissenting voices and witch hunt journalists, opposition entities, or individuals.

 An example is when diverse stakeholders challenged the National Information and Technology Development Agency (NITDA), an agency saddled with the duty of creating a framework for the planning and regulation of information technology practices activities and systems in Nigeria over the draft regulation, “Code of Practices for Interactive Computer Service Platforms/Internet Intermediaries.” They challenged the draft regulation on the basis that it must contain some provisions that recognize freedom of expression, privacy, press freedom and other human rights concerns. Although the agency took into consideration some of the suggestions made by these stakeholders, there are still concerns that individuals, activists, and human rights defenders might be surveilled, amongst other things.

 The government of Nigeria is relying on laws like the Cybercrime Act, Criminal Code Act and many more to stifle online speech. And the Ghanaian government is no different as they are also relying on the Electronic Communication Act to suppress freedom of expression and hound critical journalists under the pretense of battling fake news. Countries like Zimbabwe, Sudan, Uganda, and Morocco have also enacted laws to silence dissent and repress citizens’ internet use especially for expression.

 York: Can you also tell me a little bit more about the landscape for civil society where you work? Are there any creative tactics or strategies from civil society that you work with?

 Nigeria is home to a wide variety of civil society organizations (CSOs) and non-governmental organizations (NGOs). The main legislation that regulates CSOs are federal laws such as the Nigerian Constitution, which guarantees freedom of association, and the Companies and Allied Matters Act (CAMA), which provides every group or association with legal personality.

 CSOs in Nigeria face quite a number of legal and political hurdles. For example, CSOs that wish to operate as a company limited by guarantee need to seek the consent of the Attorney-General of the Federation which may be rejected. While CSOs operating as incorporated trustees are mandated to carry out some obligations which can be tedious and time consuming. On several occasions, the Nigerian Government has made attempts to pressure and even subvert CSOs and to single out certain CSOs for special adverse treatment. Despite receiving foreign funding support, the Nigerian government finds it convenient to berate or criticize CSOs as being “sponsored” by foreign interests, with the underlying suggestion that such organizations are unpatriotic and – by criticizing government – are being paid to act contrary to Nigeria’s interests.

 There are lots of strategies or tactics CSOs are using to address the issues they are working on, including issuing press statements, engaging diverse stakeholders, litigation, capacity-building efforts, and advocacy.  

 York: Do you have a free expression hero?

 Yes, I do. All the critical journalists out there are my free expression heroes. I also consider Julian Assange as a free speech hero for his belief in openness and transparency as well as taking personal risk to expose the corrupt acts of the powerful, an act necessary in a democratic society. 

At least twice each year, we invite current EFF members to gather with fellow internet freedom supporters and to meet the people behind your favorite digital civil liberties organization. For this year’s Bay Area based members, we had the opportunity to take over Babylon Burning’s screen printing shop in San Francisco, where Mike Lynch and his team bring EFF art(work) to life.

To kick off the evening we had EFF’s Director of Member Engagement Aaron Jue, talk about the near-20-year friendship between EFF and Babylon Burning, the shop that has printed everything from t-shirts to hoodies to hats, and now tote bags. At EFF, we love the opportunity to support a local business and have a great partnership at the same time. When we send our artwork to Mike and his staff, we know it is in good hands.

Following Aaron, EFF’s Creative Director Hugh D’Andrade dived into some of EFF’s most popular works such as the NSA Spying Eagle and the many versions of the EFF Liberty Mecha. The EFF NSA Spying Eagle focuses on mass surveillance found in the Hepting and Jewel cases. The EFF Liberty Mecha has been featured on four different occasions, most recently on a shirt for DEF CON 29, and highlights freedom, empowerment through technology, interoperability, and teamwork. More information about EFF’s member shirts can be found in our blog and in our shop.

Mike jumped in after Hugh to walk members though a hands-on demonstration of traditional screen printing. Members printed tote bags, toured the Babylon Burning print shop, and mingled with EFF staff and local supporters.

Thank you to everyone that attended this year’s Spring Members’ Speakeasy and continue to support EFF as a member. Your support allows our engineers, lawyers, and skilled advocates to tend the path for technology users, and to nurture your rights to privacy, expression, and innovation online.

Thanks to all of the EFF members who participated at our annual Bay Area meetup. If you're not a member of EFF yet, join us today. See you at the next event!

If you buy something—a refrigerator, a car, a tractor, a wheelchair, or a phone—but you can't have the information or parts to fix or modify it, is it really yours? The right to repair movement is based on the belief that you should have the right to use and fix your stuff as you see fit, a philosophy that resonates especially in economically trying times, when people can’t afford to just throw away and replace things.

%3Ciframe%20height%3D%2252px%22%20width%3D%22100%25%22%20frameborder%3D%22no%22%20scrolling%3D%22no%22%20seamless%3D%22%22%20src%3D%22https%3A%2F%2Fplayer.simplecast.com%2F44bb4612-7130-4e8e-a047-189b6deb7cec%3Fdark%3Dtrue%26amp%3Bcolor%3D000000%22%20allow%3D%22autoplay%22%3E%3C%2Fiframe%3E Privacy info. This embed will serve content from simplecast.com

   

(You can also find this episode on the Internet Archive and on YouTube.)

 Companies for decades have been tightening their stranglehold on the information and the parts that let owners or independent repair shops fix things, but the pendulum is starting to swing back: New York, Minnesota, California, Colorado, and Oregon are among states that have passed right to repair laws, and it’s on the legislative agenda in dozens of other states. Gay Gordon-Byrne is executive director of The Repair Association, one of the major forces pushing for more and stronger state laws, and for federal reforms as well. She joins EFF’s Cindy Cohn and Jason Kelley to discuss this pivotal moment in the fight for consumers to have the right to products that are repairable and reusable.  

In this episode you’ll learn about: 

• Why our “planned obsolescence” throwaway culture doesn’t have to be, and shouldn’t be, a technology status quo. 
• The harm done by “parts pairing:” software barriers used by manufacturers to keep people from installing replacement parts. 
• Why one major manufacturer put out a user manual in France, but not in other countries including the United States. 
• How expanded right to repair protections could bring a flood of new local small-business jobs while reducing waste. 
• The power of uniting disparate voices—farmers, drivers, consumers, hackers, and tinkerers—into a single chorus that can’t be ignored. 

Gay Gordon-Byrne has been executive director of The Repair Association—formerly known as The Digital Right to Repair Coalition—since its founding in 2013, helping lead the fight for the right to repair in Congress and state legislatures. Their credo: If you bought it, you should own it and have the right to use it, modify it, and repair it whenever, wherever, and however you want. Earlier, she had a 40-year career as a vendor, lessor, and used equipment dealer for large commercial IT users; she is the author of "Buying, Supporting and Maintaining Software and Equipment - an IT Manager's Guide to Controlling the Product Lifecycle” (2014), and a Colgate University alumna. 

Resources:

• Gay Gordon-Byrne's TED Talk: “You deserve the right to repair your stuff"(August 2021)
• iFixit, the world’s largest online repair community, offering free step-by-step repair guides for thousands of products
• The Verge: “Right-to-repair is now the law in California” (Oct. 10, 2023)
• The Verge: "Maine’s right-to-repair law for cars wins with 84 percent of the vote" (Nov. 7, 2023)
• Ars Technica: "Oregon governor signs nation’s first right-to-repair bill that bans parts pairing" (Mar. 27,2024)
• National Conference of State Legislatures: Right to Repair 2023 Legislation
• How to Fix the Internet: “Making Hope, with Dan Savage" (Apr. 12, 2022) 

What do you think of “How to Fix the Internet?” Share your feedback here. 

Transcript

GAY GORDON-BYRNE
A friend of mine from Boston had his elderly father in a condo in Florida, not uncommon. And when the father went into assisted living, the refrigerator broke and it was out of warranty. So my friend went to Florida, figured out what was wrong, said, ‘Oh, I need a new thermostat,’ ordered the thermostat, stuck around till the thermostat arrived, put it in and it didn't work.

And so he called GE because he bought the part from GE and he says, ‘you didn't provide me, there's a password. I need a password.’ And GE says, ‘Oh, you can't have the password. You have to have a GE authorized tech come in to insert the password.’ And that to me is the ultimate in stupid.

CINDY COHN
That’s Gay Gordon-Byrne with an example of how companies often prevent people from fixing things that they own in ways that are as infuriating as they are absurd.

I’m Cindy Cohn, the executive director of the Electronic Frontier Foundation.

JASON KELLEY
And I’m Jason Kelley, EFF’s Activism Director. This is our podcast series How to Fix the Internet.  

Our guest today, Gay Gordon-Byrne, is the executive director of The Repair Association, where she has been advocating for years for legislation that will give consumers the right to buy products that are repairable and reusable – rather than things that need to be replaced outright every few years, or as soon as they break. 

CINDY COHN
The Right to Repair is something we fight for a lot at EFF, and a topic that has come up frequently on this podcast. In season three, we spoke to Adam Savage about it.

ADAM SAVAGE
I was trying to fix one of my bathroom faucets a couple of weeks ago, and I called up a Grohee service video of how to repair this faucet. And we all love YouTube for that, right, because anything you want to fix whether it’s your video camera, or this thing, someone has taken it apart. Whether they’re in Micronesia or Australia, it doesn’t matter. But the moment someone figures out that they can make a bunch of dough from that, I’m sure we’d see companies start to say, ‘no, you can’t put up those repair videos, you can only put up these repair videos’ and we all lose when that happens.

JASON KELLEY
In an era where both the cost of living and environmental concerns are top of mind, the right to repair is more important than ever. It addresses both sustainability and affordability concerns.

CINDY COHN
We’re especially excited to talk to Gay right now because Right to Repair is a movement that is on its way up and we have been seeing progress in recent months and years. We started off by asking her where things stand right now in the United States.

GAY GORDON-BYRNE
We've had four states actually pass statutes for Right to Repair, covering a variety of different equipment, and there's 45 states that have introduced right to repair over the past few years, so we expect there will be more bills finishing. Getting them started is easy, getting them over the finish line is hard.

CINDY COHN
Oh, yes. Oh, yes. We just passed a right to repair bill here in California where EFF is based. Can you tell us a little bit about that and do you see it as a harbinger, or just another step along the way?

GAY GORDON-BYRNE
Well, honestly, I see it as another step along the way, because three states actually had already passed laws, in California, Apple decided that they weren't going to object any further to right to repair laws, but they did have some conditions that are kind of unique to California because Apple is so influential in California. But it is a very strong bill for consumer products. It just doesn't extend to non-consumer products.

CINDY COHN
Yeah. That's great. And do you know what made Apple change their mind? Because they had, they had been staunch opponents, right? And EFF has battled with them in various different areas around Section 1201 and other things and, and then it seemed like they changed their minds and I wondered if you had some insights about that.

GAY GORDON-BYRNE
I take full responsibility.

CINDY COHN
Yay! Hey, getting a big company to change their position like that is no small feat and it doesn't happen overnight.

GAY GORDON-BYRNE
Oh, it doesn't happen overnight. And what's interesting is that New York actually passed a bill that Apple tried to negotiate and kind of really didn't get to do it in New York, that starts in January. So there was a pressure point already in place. New York is not an insignificant size state.

And then Minnesota passed a much stronger bill. That also takes effect, I think, I might be wrong on this, I think also in January. And so the wheels were already turning, I think the idea of inevitability had occurred to Apple that they'd be on the wrong side of all their environmental claims if they didn't at least make a little bit more of a sincere effort to make things repairable.

CINDY COHN
Yeah. I mean, they have been horrible about this from the very beginning with, you know with custom kinds of dongles, and difficulty in repairing. And again, we fought them around section 1201, which is the ability to do circumvention so that you can see how something works and build. tools that will let you fix them.

It's just no small feat from where we set to get, to get the winds to change such that even Apple puts their finger up and says, I think the winds are changing. We better get on the right side of history.

GAY GORDON-BYRNE
Yeah, that's what we've been trying to do for the past, when did we get started? I got started in 2010, the organization got started in 2013. So we've been at it a full 10 years as an actual organization, but the problems with Apple and other manufacturers existed long before. So the 1201 problem still exists, and that's the problem that we're trying to move in federally, but oh my God. I thought moving legislation in states was hard and long.

CINDY COHN
Yeah, the federal system is different, and I think that one of the things that we've experienced, though, is when the states start leading, eventually the feds begin to follow. Now, often they follow with the idea that they're going to water down what the states do. That's why, you know, EFF and, and I think a lot of organizations rally around this thing called preemption, which doesn't really sound like a thing you want to rally around, but it ends up being the way in which you make sure that the feds aren't putting the brakes on the states in terms of doing the right things and that you create space for states to be more bold.

It's sometimes not the best thing for a company that has to sell in a bunch of different markets, but it's certainly better than  letting the federal processes come in and essentially damp down what the states are doing.

GAY GORDON-BYRNE
You're totally right. One of our biggest fears is that someone will... We'll actually get a bill moving for Right to Repair, and it's obviously going to be highly lobbied, and we will probably not have the same quality of results as we have in states. So we would like to see more states pass more bills so that it's harder and harder for the federal government to preempt the states.

In the meantime, we're also making sure that the states don't preempt the federal government, which is another source of friction.

CINDY COHN
Oh my gosh.

GAY GORDON-BYRNE
Yeah, preemption is a big problem.

CINDY COHN
It goes both ways. In our, in our Section 1201 fights, we're fighting the Green case, uh, Green vs. Department of Justice, and the big issue there is that while we can get exemptions under 1201 for actual circumvention, the tools that you need  in order to circumvent, you can't get an exception for, and so you have this kind of strange situation in which you technically have the right to repair your device, but nobody can help you do that and nobody can give you the tools to do it. 

So it's this weird, I often, sometimes I call it the, you know, it's legal to be in Arizona, but it's illegal to go to Arizona kind of law. No offense, Arizona.

GAY GORDON-BYRNE
That's very much the case.

JASON KELLEY
You mentioned, Gay, that you've been doing this work while probably you've been doing the work a lot longer than the time you've been with the coalition and the Repair Association. We'll get to the brighter future that we want to look towards here in a second, but before we get to the, the way we want to fix things and how it'll look when we do, can you just take us back a little bit and tell us more about how we got to a place where you actually have to fight for your right to repair the things that you buy. You know, 50 years ago, I think most people would just assume that appliances and, and I don't know if you'd call them devices, but things that you purchased you could fix or you could bring to a repair shop. And now we have to force companies to let us fix things.

I know there's a lot of history there, but is there a short version of how we ended up in this place where we have to fight for this right to repair?

GAY GORDON-BYRNE
Yeah, there is a short version. It's called about 20 years ago, right after Y2K, it became possible, because of the improvements in the internet, for manufacturers to basically host a repair manual or a user guide. online and expect their customers to be able to retrieve that information for free.

Otherwise, they have to print, they have to ship. It's a cost. So it started out as a cost reduction strategy on the part of manufacturers. And at first it seemed really cool because it really solved a problem. I used to have manuals that came in like, huge desktop sets that were four feet of paper. And every month we'd get pages that we had to replace because the manual had been updated. So it was a huge savings for manufacturers, a big convenience for consumers and for businesses.

And then, no aspersions on lawyers. But my opinion is that some lawyer decided they wanted to know, they should know. For reasons we have no idea because they, they still don't make sense, that they should know who's accessing their website. So then they started requiring a login and a password, things like that.

And then another bright light, possibly a lawyer, but most likely a CFO said, we should charge people to get access to the website. And that slippery slope got really slippery or really fast. So it became obvious that you could save a lot of money by not providing manuals, not providing diagnostics and then not selling parts.

I mean, if you didn't want to sell parts, you didn't have to. There was no law that said you have to sell parts, or tools, or diagnostics. And that's where we've been for 20 years. And everybody that gets away with it has encouraged everybody else to do it. To the point where, um, I don't think Cindy would disagree with me.

I mean, I took a look, um, as did Nathan Proctor of US PIRG when we were getting ready to go before the FTC. And we said, you know, I wonder how many companies are actually selling parts and tools and manuals, and Nathan came up with a similar statistic. Roughly 90 percent of the companies don't.

JASON KELLEY
Wow.

GAY GORDON-BYRNE
So we're, face it, we have now gone from a situation where everybody could fix anything if they were really interested, to 90 percent of stuff not being fixable, and that number is going, getting worse, not better. So yeah, that's the short story, it’s been a bad 20 years.

CINDY COHN
It's funny because I think it's really, it's such a testament to people's desire to want to fix their own things that despite this, you can go on YouTube if something breaks and you can find some nice person who will walk you through how to fix, you know, lots and lots of devices that you have. And to me, that's a testament to the human desire to want to fix things and the human desire to want to teach other people how to fix things, that despite all these obstacles, there is this thriving world, YouTube's not the only place, but it's kind of the central place where you can find nice people who will help tell you how to fix your things, despite it being so hard and getting harder to have that knowledge and the information you need to do it.

GAY GORDON-BYRNE
I would also add to that there's a huge business of repair that, we're not strictly fighting for people's rights to be able to do it yourself. In fact, most people, again, you know, back to some kind of general statistics, most people, somewhere around 85 percent of them, really don't want to fix their own stuff.

They may fix some stuff, but they don't want to fix all stuff. But the options of having somebody help them have also gone. Gone just downhill, downhill, downhill massively in the last 20 years and really bad in the past 10 years. 

So the industry that current employment used to be about 3 million people in the repair, in the industry of repair and that kind of spanned auto repair and a bunch of other things. But those people don't have jobs if people can't fix their stuff because the only way they can be in business is to know that they can buy a part. To know that they can buy the tool, to know that they can get a hold of the schematic and the diagnostics. So these are the things that have thwarted business as well as, do it yourself. And I think most people, most people, especially the people I know, really expect to be able to fix their things. I think we've been told that we don't, and the reality is we do.

CINDY COHN
Yeah, I think that's right. And one of the, kind of, stories that people have been told is that, you know, if there's a silicon chip in it, you know, you just can't fix it. That that's just, um, places things beyond repair and I think that that's been a myth and I think a lot of people have always known It's a myth, you know, certainly in EFF's community.

We have a lot of hardware hackers, we even have lots of software hackers that know that the fact that there's a chip involved doesn't mean that it's a disposable item. But I wondered you know from your perspective. Have you seen that as well?

GAY GORDON-BYRNE
Oh, absolutely. People are told that these things are too sophisticated, that they're too complex, they're too small. All of these things that are not true, and you know, you got 20 years of a drumbeat of just massive marketing against repair. The budgets for people that are saying you can't fix your stuff are far greater than the budgets of the people that say you can.

So, thank you, Tim Cook and Apple, because you've made this an actual point of advocacy. Every time Apple does something dastardly, and they do it pretty often, every new release there's something dastardly in it, we get to get more people behind the, ‘hey, I want to fix my phone, goddamnit!’

CINDY COHN
Yeah, I think that's right. I think that's one of the wonderful things about the Right to Repair movement is that you're, you're surfing people's natural tendencies. The idea that you have to throw something away as soon as it breaks is just so profoundly …I think it's actually an international human, you know, desire to be able to fix these kinds of things and be able to make something that you own work for you.

So it's always been profoundly strange to have companies kind of building this throwaway culture. It reminds me a little of the privacy fights where we've had also 20 years of companies trying to convince us that your privacy doesn't matter and you don't care about it, and that the world's better if you don't have any privacy. And on a one level that has certainly succeeded in building surveillance business models. But on the other hand, I think it's profoundly against human tendencies, so those of us on the side of privacy and repair, the benefit of us is we're kind of riding with how people want to be in the kind of world they want to live in, against, you know, kind of very powerful, well funded forces who are trying to convince us we're different than we are.

JASON KELLEY
Let’s take a quick moment to say thank you to our sponsor. “How to Fix the Internet” is supported by The Alfred P. Sloan Foundation’s Program in Public Understanding of Science and Technology. Enriching people’s lives through a keener appreciation of our increasingly technological world and portraying the complex humanity of scientists, engineers, and mathematicians.

And now back to our conversation with Gay Gordon-Byrne.

At the top of the episode, Gay told us a story about a refrigerator that couldn’t be fixed unless a licensed technician – for a fee, obviously – was brought in to ENTER A PASSWORD. INTO A FRIDGE. Even though the person who owned the fridge had sourced the new part and installed it.

GAY GORDON-BYRNE
And that illustrates to me the damage that's being done by this concept of parts pairing, which is where only the manufacturer can make the part work. So even if you can find a part. Even if you could put it in, you can't make it work without calling the manufacturer again, which kind of violates the whole idea that you bought it and you own it, and they shouldn't have anything to do with it after that. 

So these things are pervasive. We see it in all sorts of stuff. The refrigerator one really infuriates me.

CINDY COHN
Yeah, we've seen it with printer cartridges. We've seen it with garage door openers, for sure. I recently had an espresso machine that broke and couldn't get it fixed because the company that made it doesn't make parts available for, for people and that. You know, that's a hard lesson. It's one of the things when you're buying something is to try to figure out, like, is, is this actually repairable or not?

You know, making that information available is something that our friends at Consumer Reports have done and other people have done, but it's still a little hard to find sometimes.

GAY GORDON-BYRNE
Yeah, that information gap is enormous. There are some resources. They're not great. none of them are comprehensive enough to really do the job. But there's an ‘index de repairability’ in France that covers a lot of consumer tech, you know, cell phones and laptops and things along those lines.

It's not hard to find, but it's in French, so use Google Translate or something and you'll see what they have to say. Um, that's actually had a pretty good impact on a couple companies. For example, Samsung, which had never put out a manual before, had to put out a manual, um, in order to be rated in France. So they did. The same manual they didn't put out in the U. S. and England.

CINDY COHN  
Oh my God, it’s amazing.

Music break.

CINDY COHN
So let's flip this around a little bit. What does the world look like if we get it right? What does a repairable world look like? How is it when you live in it, Gay? Give me a day in the life of somebody who's living in the fixed version of the world.

GAY GORDON-BYRNE
Well, you will be able to buy things that you can fix, or have somebody fix them for you. And one of the consequences is that you will see more repair shops back in your town.

It will be possible for some enterprising person, that'll open up. Again, the kinds of shops we used to have when we were kids.

You'll see a TV repair shop, an appliance repair shop, an electronics repair shop. In fact, it might be one repair shop, because some of these things are all being fixed in the same way. 

So  you'll see more economic activity in the area of repair. You'll also see, and this is a hope, that manufacturers, if they're going to make their products more repairable, in order to look better, you know, it's more of a, more of a PR and a marketing thing.

If they're going to compete on the basis of repairability, they're going to have to start making their products. more repairable from the get go. They're probably gonna have to stop gluing everything together. Europe has been pretty big on making sure that things are made with fasteners instead of glue.

I think we're gonna see more activity along those lines, and more use of replaceable batteries. Why should a battery be glued in? That seems like a pretty stupid thing to do. So I think we'll see some improvements along the line of sustainability in the sense that we'll be able to keep our things longer and use them until we're done with them, not to when the manufacturer decides they want to sell you a new one, which is really the cycle that we have today.

CINDY COHN
Yeah. Planned obsolescence I think is what the marketers call it. I love a vision of the world, you know, when I grew up, I grew up in a small town in Iowa and we had the, the people called the gearheads, right? They were the ones who were always tinkering with cars. And of course you could take your appliances to them and other kinds of things because, you know, people who know how to take things apart and figure out how they work tend to know that about multiple things.

So I'd love a future of the world where the kind of gearheads rise again and are around to help us keep our stuff longer and keep our stuff again.  I really appreciate what you say, like when we're done with them. I mean, I love innovation. I love new toys.

I think that's really great. But the idea that when I'm done with something, you know, it goes into a trash heap. Um, or, you know, into someplace where you have to have fancy, uh, help to make sure that you're not endangering the planet. Like, that's not a very good world.

GAY GORDON-BYRNE
Well, look at your example of your espresso machine. You weren't done with it. It quit. It quit. You can't fix it. You can't make another cup of espresso with it.

That's not what you planned. That's not what you wanted.

CINDY COHN
Yep.

JASON KELLEY
I think we all have stories like the espresso machine and that's part of why this is such a tangible topic for everyone. Maybe I'm not alone in this, but I love, you know, thrift stores and places like that where I can get something that maybe someone else was, was tired of. I was walking. Hmm. I passed a house a few years ago and someone had put, uh, a laptop that the screen had been damaged just next to the trash.

And I thought, that looks like a pretty nice laptop. And I grabbed it. It was a pretty new, like, one year old Microsoft Surface. Tablet, laptop, um, anyway, I took it to a repair shop and they were able to repair it for like way less than the cost of buying a new one and I had a new laptop essentially, um, and I don't think they gave me extra service because I worked at EFF but they were certainly happy to help because I worked at EFF, um, but then, you know, these things do eventually Sort of give up, right?

That laptop lasted me about three years and then had so many issues that I just kind of had to get rid of it Where do you think in the in the better future? We should put the things that are sort of Unfixable. You know, do we, do we bring them to a repair shop and they pull out the pieces that work like a junkyard that they can reuse?

Is there a better system for, uh, disposing of the different pieces or the different devices that we can't repair? How do you think about that more sustainable future once everything is better in the first place in terms of being able to repair things?

GAY GORDON-BYRNE
Excellent question. We have a number of members that are what we call charitable recyclers. And I think that's a model for more, rather than less. They don't even have to be gently used. They just have to be potentially useful. And they'll take them in. They will fix them. They will train people, often people that have some employment challenges, especially coming out of the criminal justice system.  And they'll train them to make repairs and they both get a skill, a marketable skill for future employment. And they also, they also turn around and then resell those devices to make money to keep the whole system going.

But in the commercial recycling business, there's a lot of value in the things that have been discarded if they can have their batteries removed before, before they are, quote, recycled, because recycling is a very messy business and it requires physical contact with the device to the point that it's shredded or crushed. And if we can intercept some of that material before it goes to the crusher, we can reuse more of that material. And I think a lot of it can be reused very effectively in downstream markets, but we don't have those markets because we can't fix the products that are broken.

CINDY COHN
Yep. There's a whole chain of good that starts happening if we can begin to start fixing things, right? It's not just the individuals get to fix the things that they get, but it sets off kind of a cycle of things, a happy cycle of things that get better all along the way.

GAY GORDON-BYRNE
Yep, and that can be, that can happen right now, well, I should say as soon as these laws start taking effect, because a lot of the information parts and tools that are required under the laws are immediately useful.

CINDY COHN
Right. So tell me, how do these laws work? What do they, what, the good ones anyway, what are, what are they doing? How are things changing with the current flock of laws that are just now coming online?

GAY GORDON-BYRNE
Well, they're all pretty much the same. They require manufacturers of things that they already repair, so there's some limitations right there, to make available on fair and reasonable terms the same parts, tools, diagnostics, and firmware that they already provide to their quote authorized or their subcontract repair providers because our original intent was to restore competition. So the bills are really a pro competition law as opposed to an e-waste law.

CINDY COHN  
Mm hmm.

GAY GORDON-BYRNE
Because these don't cover everything. They cover a lot of stuff, but not everything. California is a little bit different in that they already had a statute that required things of be, under $50 or under $100 to be covered for three years. They have some dates in there that expand the effectiveness of the bill into products that don't even have repair options today.

But the bills that we've been promoting are a little softer, because the intent is competition, because we want to see what competition can do, when we unlock competition, what that does for consumers.

CINDY COHN  
Yeah, and I think that that dovetails nicely into something EFF has been working on quite a while now, which is interoperability, right? One of the things that unlocks competition is, you know, requiring people to build their tools and services in a way that are interoperable with others, that helps both with repair and with kind of follow on innovation that, you know, you can switch up how your Facebook feed shows up based on what you want to see rather than, you know, based upon what Facebook's algorithm wants you to see or other kinds of changes like that. And how do you see interoperability fitting into all of this?

GAY GORDON-BYRNE
I think there will be more. It's not specific to the law, but I think it will simply happen as people try to comply with the law. 

Music break

CINDY COHN  
You founded the Repair Association, so tell us a little bit about how that got started and how you decided to dedicate your life to this. I think it's really important for us to think about, like, the people that are needed to build a better world, as well as the, you know, kind of technologies and ideas.

GAY GORDON-BYRNE
I was always in the computer industry. I grew up with my father who was a computer architect in the 50s and 60s. So I never knew a world that didn't involve computers. It was what dad did. And then when I needed a job out of college, and having bounced around a little bit and found not a great deal of success, my father encouraged me to take a job selling computers, because that was the one thing he had never done and thought that it was missing from his resume.

And I took to it like, uh, I don't know, fish to water? I loved it. I had a wonderful time and a wonderful career. But by the mid 2000s, I was done. I mean, I was like, I can't stand this job anymore. So I decided to retire. I didn't like being retired. I started doing other things and eventually, I started doing some work with a group of companies that repair large mainframes.

I've known them. I mean, my former boss was the president. It was kind of a natural. And they started having trouble with some of the manufacturers and I said, that's wrong. I mean, I had this sense of indignation that what Oracle had done when they bought Sun was just flatly wrong and it was illegal. And I volunteered to join a committee. And that's when, haha, that's when I got involved and it was basically, I tell people I over-volunteered.

CINDY COHN
Yeah.

GAY GORDON-BYRNE
And what happened is that because I was the only person in that organization that didn't already have relationships with manufacturers, that they couldn't, they couldn't bite the hand that fed them, I was elected chief snowball thrower. AKA Executive Director. 

So it was a passion project that I could afford to do because otherwise I was going to stay home and knit. So this is way better than knitting or quilting these days, way more fun, way more gratifying. I've had a truly wonderful experience, met so many fabulous people, have a great sense of impact that I would never have had with quilting.

CINDY COHN
I just love the story of somebody who kind of put a toe in and then realized, Oh my God, this is so important. And ‘I found this thing where I can make the world better.’ And then you just get, you know, kind of, you get sucked in and, um, but it's, it's fun. And what I really appreciate about the Repair Association and the Right to Repair people is that while, you know, they're working with very serious things, they also, you know, there's a lot of fun in making the world a better place.

And it's kind of fun to be involved in the Right to Repair right now because after a long time kind of shouting in the darkness, there's some traction starting to happen. So then the fun gets even more fun.

GAY GORDON-BYRNE
I can tell you it's ... We're so surprised. I mean, it took, we've had over, well, well over 100 bills filed and, you know, every year we get a little further. We get past this committee and this hurdle and this hurdle and this hurdle. We get almost to the end and then something would happen. And to finally get to the end where the bill becomes law? It's like the dog that chases the car, and you go, we caught the car, now what?

CINDY COHN
Yeah. Now you get to fix it! The car!

JASON KELLEY
Yeah, now you can repair the car.

MUSIC TRANSITION

JASON KELLEY
That was such a wonderful, optimistic conversation and not the first one we've had this season. But this one is interesting because we're actually already getting where we want to be. We're already building the future that we want to live in and it's just really, really pleasing to be able to talk to someone who's in the middle of that and, and making sure that that work happens.

CINDY COHN
I mean, one of the things that really struck me is how much of the better future that we're building together is really about creating new jobs and new opportunities for people to work. I think there's a lot of fear right now in our community that the future isn't going to have work, and that without a social safety net or other kinds of things, you know, it's really going to hurt people.

And I so appreciated hearing about how, you know, Main Street's going to have more jobs. There's going to be people in your local community who can fix your things locally because devices, those are things where having a local repair community and businesses is really. helpful to people.

And so I also kind of, the flip side of that is this interesting observation that one of the things that's happened as a result of shutting off the Right to Repair is an increasing centralization, um, that the jobs that are happening in this thing are not happening locally and that by unlocking the right to repair, we're going to unlock some local opportunities for economic things.

I mean, You know, EFF thinks about this both in terms of empowering users, but also in terms of competition. And the thing about Right to Repair is it really does unlock kind of hyper local competition.

JASON KELLEY
I hadn't really thought about how specifically local it is to have a repair shop that you can just bring your device to. And right now it feels like the options are if you live near an Apple store, for example, maybe you can bring your phone there and then they send it somewhere. I'd much rather go to someone, you know, in my town that I can talk to, and who can tell me about what needs to be done. That's such a benefit of this movement that a lot of people aren't even really putting on the forefront, but it really is something that will help people actually get work and, and, and help the people who need the work and the people who need the job done.

CINDY COHN
Another thing that I really appreciate about the Right to Repair movement s how universal it is. Everyone experiences some version of this, you know, from the refrigerator story to my espresso machine, to any of any number of other stories to the farmers, like everyone has some version of how.

This needs to be fixed. And the other thing that I really appreciate about her gay stories about the right to repair movement is that, you know, she's somebody who comes out of computers, and was thinking about this from the context of computers and didn't really realize that farmers were having the same problem.

Of course, we all kind of know analytically that a lot of the movement in a lot of industries is towards, you know, centralizing computers and making, you know. You know, tractors are now computers with gigantic wheels. Cars are now computers with smaller wheels. That computers have become central to these kinds of things, but also realization that we have silos of users who are experiencing a version of the same problem and connecting those silent silos together, let me say that again. I think the realization that we have silos of users who are experiencing the same problem depending on what kind of tool they're using, um, and connecting those silos together so that together we stand as a much bigger voice is something that the repair, um, the Right to Repair folks have really done well and it is a, is a good lesson for the rest of us.

JASON KELLEY
Yeah, I think we talked a little bit with Adam Savage when he was on a while ago about this sort of gatekeeping and how effective it is to remove the gatekeepers from these movements and say, you know, we're all fighting the same fight. And it just goes to show you that it actually works. I mean, not only does it get everybody on the same page, but unlike a lot of movements, I think you can really see the impact that the Right to Repair movement has had. 

And we talked with Gay about this and it's just, it really, I think, should make people come away optimistic that advocacy like this works over time. You know, it's not a sprint, it's a marathon, and we have actually crested a sort of hill in some ways.

There's a lot of work to be done, but it's, it's actually work that we probably will be able to get done and, and that we're seeing the benefits of today

CINDY COHN
Yeah. And as we start to see benefits, we're going to start to see more benefits. I appreciate her. We're in, you know, we're in the whole plugging period where, you know, we got something passed and we need to plug the holes. But I also think once people start feeling the power of having the Right to Repair again, I think I hope it will help snowball.

One of the things that she said that I have observed as well is that sometimes it feels like nothing's happening, nothing's happening, nothing's happening, and then all of a sudden it's all happening. And I think that that's one of the, the kind of flows of advocacy work that I've observed over time and it's fun to see the, the Right to Repair Coalition kind of getting to experience that wave, even if it can be a little overwhelming sometimes.

JASON KELLEY
Thanks for joining us for this episode of How to Fix the Internet.

If you have feedback or suggestions, we'd love to hear from you. Visit EFF. org slash podcast and click on listener feedback. While you're there, you can become a member, donate, maybe pick up some merch and just see what's happening in digital rights this week and every week.

This podcast is licensed Creative Commons Attribution 4.0 International, and includes music licensed Creative Commons Attribution 3.0 Unported by their creators.

In this episode you heard …Come Inside by Zep Hurme featuring snowflake and Drops of H2O ( The Filtered Water Treatment ) by J.Lang featuring Airtone.

You can find links to their music in our episode notes, or on our website at eff.org/podcast. 

Our theme music is by Nat Keefe of BeatMower with Reed Mathis

How to Fix the Internet is supported by the Alfred P. Sloan Foundation's program in public understanding of science and technology.

I hope you’ll join us again soon. I’m Jason Kelley.

CINDY
And I’m Cindy Cohn.

One week after it was passed by the U.S. House of Representatives, the Senate has passed what Senator Ron Wyden has called, “one of the most dramatic and terrifying expansions of government surveillance authority in history.” President Biden then rushed to sign it into law.  

The perhaps ironically named “Reforming Intelligence and Security America Act (RISAA)” does everything BUT reform Section 702 of the Foreign Intelligence Surveillance Act (FISA). RISAA not only reauthorizes this mass surveillance program, it greatly expands the government’s authority by allowing it to compel a much larger group of people and providers into assisting with this surveillance. The bill’s only significant “compromise” is a limited, two-year extension of this mass surveillance. But overall, RISAA is a travesty for Americans who deserve basic constitutional rights and privacy whether they are communicating with people and services inside or outside of the US.

Section 702 allows the government to conduct surveillance of foreigners abroad from inside the United States. It operates, in part, through the cooperation of large telecommunications service providers: massive amounts of traffic on the Internet backbone are accessed and those communications on the government’s secret list are copied. And that’s just one part of the massive, expensive program. 

While Section 702 prohibits the NSA and FBI from intentionally targeting Americans with this mass surveillance, these agencies routinely acquire a huge amount of innocent Americans' communications “incidentally.” The government can then conduct backdoor, warrantless searches of these “incidentally collected” communications.

The government cannot even follow the very lenient rules about what it does with the massive amount of information it gathers under Section 702, repeatedly abusing this authority by searching its databases for Americans’ communications. In 2021 alone, the FBI reported conducting up to 3.4 million warrantless searches of Section 702 data using Americans’ identifiers. Given this history of abuse, it is difficult to understand how Congress could decide to expand the government’s power under Section 702 rather than rein it in.

One of RISAA’s most egregious expansions is its large but ill-defined increase of the range of entities that have to turn over information to the NSA and FBI. This provision allegedly “responds” to a 2023 decision by the FISC Court of Review, which rejected the government’s argument that an unknown company was subject to Section 702 for some circumstances. While the New York Times reports that the unknown company from this FISC opinion was a data center, this new provision is written so expansively that it potentially reaches any person or company with “access” to “equipment” on which electronic communications travel or are stored, regardless of whether they are a direct provider. This could potentially include landlords, maintenance people, and many others who routinely have access to your communications on the interconnected internet.

This is to say nothing of RISAA’s other substantial expansions. RISAA changes FISA’s definition of “foreign intelligence” to include “counternarcotics”: this will allow the government to use FISA to collect information relating to not only the “international production, distribution, or financing of illicit synthetic drugs, opioids, cocaine, or other drugs driving overdose deaths,” but also to any of their precursors. While surveillance under FISA has (contrary to what most Americans believe) never been limited exclusively to terrorism and counterespionage, RISAA’s expansion of FISA to ordinary crime is unacceptable.

RISAA also allows the government to use Section 702 to vet immigrants and those seeking asylum. According to a FISC opinion released in 2023, the FISC repeatedly denied government attempts to obtain some version of this authority, before finally approving it for the first time in 2023. By formally lowering Section 702’s protections for immigrants and asylum seekers, RISAA exacerbates the risk that government officials could discriminate against members of these populations on the basis of their sexuality, gender identity, religion, or political beliefs.

Faced with massive pushback from EFF and other civil liberties advocates, some members of Congress, like Senator Ron Wyden, raised the alarm. We were able to squeeze out a couple of small concessions. One was a shorter reauthorization period for Section 702, meaning that the law will be up for review in just two more years. Also, in a letter to Congress, the Department of Justice claimed it would only interpret the new provision to apply to the type of unidentified businesses at issue in the 2023 FISC opinion. But a pinky promise from the current Department of Justice is not enforceable and easily disregarded by a future administration. There is some possible hope here, because Senator Mark Warner promised to return to the provision in a later defense authorization bill, but this whole debacle just demonstrates how Congress gives the NSA and FBI nearly free rein when it comes to protecting Americans – any limitation that actually protects us (and here the FISA Court actually did some protecting) is just swept away.

RISAA’s passage is a shocking reversal—EFF and our allies had worked hard to put together a coalition aimed at enacting a warrant requirement for Americans and some other critical reforms, but the NSA, FBI and their apologists just rolled Congress with scary-sounding (and incorrect) stories that a lapse in the spying was imminent. It was a clear dereliction of Congress’s duty to oversee the intelligence community in order to protect all of the rest of us from its long history of abuse.

After over 20 years of doing it, we know that rolling back any surveillance authority, especially one as deeply entrenched as Section 702, is an uphill fight. But we aren’t going anywhere. We had more Congressional support this time than we’ve had in the past, and we’ll be working to build that over the next two years.

Too many members of Congress (and the Administrations of both parties) don’t see any downside to violating your privacy and your constitutional rights in the name of national security. That needs to change.

In the absence of strong net neutrality protections, internet service providers (ISPs) have made all sorts of plans that would allow them to capitalize on something called "network slicing." While this technology has all sorts of promise, what the ISPs have planned would subvert net neutrality—the principle that all data be treated equally by your service provider—by allowing them to recreate the kinds of “fast lanes” we've already agreed should not be allowed. If their plans succeed, then the new proposed net neutrality protections will end up doing far less for consumers than the old rules did.

The FCC released draft rules to reinstate net neutrality, with a vote on adopting the rules to come the 25th of April. Overall, the order is a great step for net neutrality. However, to be truly effective the rules must not preempt states from protecting their residents with stronger laws and clearly find the creation of “fast lanes” via positive discrimination and unpaid prioritization of specific applications or services are violations of net neutrality.

Fast Lanes and How They Could Harm Competition

Since “fast lanes” aren’t a technical term, what do we mean when we are talking about a fast lane? To understand, it is helpful to think about data traffic and internet networking infrastructure like car traffic and public road systems. As roads connect people, goods, and services across distances, so does network infrastructure allow for data traffic to flow from one place to another. And just as a road with more capacity in the way of more lanes theoretically means the road can support more traffic moving at speed1, internet infrastructure with more “lanes” (i.e. bandwidth) should mean that a network can better support applications like streaming services and online gaming.

Individual ISPs have a maximum network capacity, and speed, of internet traffic they can handle. To continue the analogy, the road leading to your neighborhood has a set number of lanes. This is why the speed of your internet may change throughout the day. At peak hours your internet service may slow down because a slowdown has occurred from too much requested traffic clogging up the lanes.

It’s not inherently a bad thing to have specific lanes for certain types of traffic, actual fast lanes on freeways can improve congestion by not making faster moving vehicles compete for space with slower moving traffic, having exit and entry lanes in freeways also allows cars to perform specialized tasks without impeding other traffic. A lane only for buses isn’t a bad thing as long as every bus gets equal access to that lane and everyone has equal access to riding those buses. Where this becomes a problem is if there is a special lane only for Google buses, or for consuming entertainment content instead of participating in video calls. In these scenarios you would be increasing the quality of certain bus rides at the expense of degraded service for everyone else on the road.

An internet “fast lane” would be the designation of part of the network with more bandwidth and/or lower latency to only be used for certain services. On a technical level, the physical network infrastructure would be split amongst several different software defined networks with different use cases using network slicing. One network might be optimized for high bandwidth applications such as video streaming, another might be optimized for applications needing low latency (e.g. a short distance between the client and the server), and another might be optimized for IoT devices. The maximum physical network capacity is split among these slices. To continue our tortured metaphor, your original six lane general road is now a four lane general road with two lanes reserved for, say, a select list of streaming services. Think dedicated high speed lanes for Disney+, HBO, and Netflix, but those services only. In a network neutral construction of the infrastructure, all internet traffic shares all lanes, and no specific app or service is unfairly sped up or slowed down. This isn’t to say that we are inherently against network management techniques like quality of service or network slicing. But it’s important that quality of service efforts be undertaken, as much as possible, in an application agnostic manner.

The fast lanes metaphor isn’t ideal. On the road having fast lanes is a good thing, it can protect more slow and cautious drivers from dangerous driving and improve the flow of traffic. Bike lanes are a good thing because they make cyclists safer and allow cars to drive more quickly and not have to navigate around them. But with traffic lanes it’s the driver, not the road, that decides which lane they belong in (with penalties for doing obviously bad faith things such as driving in the bike lane.)

Internet service providers (ISPs) are already testing their ability to create these network slices. They already have plans of creating market offerings where certain applications and services, chosen by them, are given exclusive reserved fast lanes while the rest of the internet must shoulder their way through what is left. This kind of networking slicing is a violation of net neutrality. We aren’t against network slicing as a technology, it could be useful for things like remote surgery or vehicle to vehicle communication which requires low latency connections and is in the public interest, which are separate offerings and not part of the broadband services covered in the draft order. We are against network slicing being used as a loophole to circumvent principles of net neutrality.

Fast Lanes Are a Clear Violation of Net Neutrality

Where net neutrality is the principle that all ISPs should treat all legitimate traffic coming over their networks equally, discriminating between  certain applications or types of traffic is a clear violation of that principle. When fast lanes speed up certain applications or certain classes of applications, they cannot do so without having a negative impact on other internet traffic, even if it’s just by comparison. This is throttling, plain and simple.

Further, because ISPs choose which applications or types of services get to be in the fast lane, they choose winners and losers within the internet, which has clear harms to both speech and competition. Whether your access to Disney+ is faster than your access to Indieflix because Disney+ is sped up or because Indieflix is slowed down doesn’t matter because the end result is the same: Disney+ is faster than Indieflix and so you are incentivized to use Disney+ over Indieflix.

ISPs should not be able to harm competition even by deciding to prioritize incumbent services over new ones, or that one political party’s website is faster than another’s. It is the consumer who should be in charge of what they do online. Fast lanes have no place in a network neutral internet.

• 1. Urban studies research shows that this isn’t actually the case, still it remains the popular wisdom among politicians and urban planners.

Following an urgent appeal filed to the United Nations Working Group on Arbitrary Detention (UNWGAD) on behalf of blogger and activist Alaa Abd El Fattah, EFF has joined 26 free expression and human rights organizations calling for immediate action.

The appeal to the UNWGAD was initially filed in November 2023 just weeks after Alaa’s tenth birthday in prison. The British-Egyptian citizen is one of the most high-profile prisoners in Egypt and has spent much of the past decade behind bars for his pro-democracy writing and activism following Egypt’s revolution in 2011.

EFF and Media Legal Defence Initiative submitted a similar petition to the UNGWAD on behalf of Alaa in 2014. This led to the Working Group issuing an opinion that Alaa’s detention was arbitrary and called for his release. In 2016, the UNWGAD declared Alaa's detention (and the law under which he was arrested) a violation of international law, and again called for his release.

We once again urge the UN Working Group to urgently consider the recent petition and conclude that Alaa’s detention is arbitrary and contrary to international law. We also call for the Working Group to find that the appropriate remedy is a recommendation for Alaa’s immediate release.

Read our full letter to the UNWGAD and follow Free Alaa for campaign updates.

We should all have the freedom to read, share, and comment on the laws we must live by. But yesterday, the House Judiciary Committee voted 19-4 to move forward the PRO Codes Act (H.R. 1631), a bill that would limit those rights in a critical area. 

TAKE ACTION

Tell Congress To Reject The Pro Codes Act

A few well-resourced private organizations have made a business of charging money for access to building and safety codes, even when those codes have been incorporated into law. 

These organizations convene volunteers to develop model standards, encourage regulators to make those standards into mandatory laws, and then sell copies of those laws to the people (and city and state governments) that have to follow and enforce them.

They’ve claimed it’s their copyrighted material. But court after court has said that you can’t use copyright in this way—no one “owns” the law. The Pro Codes Act undermines that rule and the public interest, changing the law to state that the standards organizations that write these rules “shall retain” a copyright in it, as long as the rules are made “publicly accessible” online. 

That’s not nearly good enough. These organizations already have so-called online reading rooms that aren’t searchable, aren’t accessible to print-disabled people, and condition your ability to read mandated codes on agreeing to onerous terms of use, among many other problems. That’s why the Association of Research Libraries sent a letter to Congress last week (supported by EFF, disability rights groups, and many others) explaining how the Pro Codes Act would trade away our right to truly understand and educate our communities about the law for cramped public access to it. Congress must not let well-positioned industry associations abuse copyright to control how you access, use, and share the law. Now that this bill has passed committee, we urgently need your help—tell Congress to reject the Pro Codes Act.

TAKE ACTION

TELL CONGRESS: No one owns the law

It’s been a long two years since the Dobbs decision to overturn Roe v. Wade. Between May 2022 when the Supreme Court accidentally leaked the draft memo and the following June when the case was decided, there was a mad scramble to figure out what the impacts would be. Besides the obvious perils of stripping away half the country’s right to reproductive healthcare, digital surveillance and mass data collection caused a flurry of concerns.

Although many activists fighting for reproductive justice had been operating under assumptions of little to no legal protections for some time, the Dobbs decision was for most a sudden and scary revelation. Everyone implicated in that moment somewhat understood the stark difference between pre-Roe 1973 and post-Roe 2022; living under the most sophisticated surveillance apparatus in human history presents a vastly different landscape of threats. Since 2022, some suspicions have been confirmed, new threats have emerged, and overall our risk assessment has grown smarter. Below, we cover the most pressing digital dangers facing people seeking reproductive care, and ways to combat them.

Digital Evidence in Abortion-Related Court Cases: Some Examples Social Media Message Logs

A case in Nebraska resulted in a woman, Jessica Burgess, being sentenced to two years in prison for obtaining abortion pills for her teenage daughter. Prosecutors used a Facebook Messenger chat log between Jessica and her daughter as key evidence, bolstering the concerns many had raised about using such privacy-invasive tech products for sensitive communications. At the time, Facebook Messenger did not have end-to-end encryption.

In response to criticisms about Facebook’s cooperation with law enforcement that landed a mother in prison, a Meta spokesperson issued a frustratingly laconic tweet stating that “[n]othing in the valid warrants we received from local law enforcement in early June, prior to the Supreme Court decision, mentioned abortion.” They followed this up with a short statement reiterating that the warrants did not mention abortion at all. The lesson is clear: although companies do sometimes push back against data warrants, we have to prepare for the likelihood that they won’t.

Google: Search History & Warrants

Well before the Dobbs decision, prosecutors had already used Google Search history to indict a woman for her pregnancy outcome. In this case, it was keyword searches for misoprostol (a safe and effective abortion medication) that clinched the prosecutor’s evidence against her. Google acquiesced, as it so often has, to the warrant request.

Related to this is the ongoing and extremely complicated territory of reverse keyword and geolocation warrants. Google has promised that it would remove from user profiles all location data history related to abortion clinic sites. Researchers tested this claim and it was shown to be false, twice. Late in 2023, Google made a bigger promise: it would soon change how it stores location data to make it much more difficult–if not impossible–for Google to provide mass location data in response to a geofence warrant, a change we’ve been asking Google to implement for years. This would be a genuinely helpful measure, but we’ve been conditioned to approach such claims with caution. We’ll believe it when we see it (and refer to external testing for proof).

Other Dangers to Consider Doxxing

Sites propped up for doxxing healthcare professionals that offer abortion services are about as old as the internet itself. Doxxing comes in a variety of forms, but a quick and loose definition of it is the weaponization of open source intelligence with the intention of escalating to other harms. There’s been a massive increase in hate groups abusing public records requests and data broker collections to publish personal information about healthcare workers. Doxxing websites hosting such material are updated frequently. Doxxing has led to steadily rising material dangers (targeted harassment, gun violence, arson, just to name a few) for the past few years.

There are some piecemeal attempts at data protection for healthcare workers in more protective states like California (one which we’ve covered). Other states may offer some form of an address confidentiality program that provides people with proxy addresses. Though these can be effective, they are not comprehensive. Since doxxing campaigns are typically coordinated through a combination of open source intelligence tactics, it presents a particularly difficult threat to protect against. This is especially true for government and medical industry workers whose information may be subjected to exposure through public records requests.

Data Brokers

Recently, Senator Wyden’s office released a statement about a long investigation into Near Intelligence, a data broker company that sold geolocation data to The Veritas Society, an anti-choice think tank. The Veritas Society then used the geolocation data to target individuals who had traveled near healthcare clinics that offered abortion services and delivered pro-life advertisements to their devices.

That alone is a stark example of the dangers of commercial surveillance, but it’s still unclear what other ways this type of dataset could be abused. Near Intelligence has filed for bankruptcy, but they are far from the only, or the most pernicious, data broker company out there. This situation bolsters what we’ve been saying for years: the data broker industry is a dangerously unregulated mess of privacy threats that needs to be addressed. It not only contributes to the doxxing campaigns described above, but essentially creates a backdoor for warrantless surveillance.

Domestic Terrorist Threat Designation by Federal Agencies

Midway through 2023, The Intercept published an article about a tenfold increase in federal designation of abortion-rights activist groups as domestic terrorist threats. This projects a massive shadow of risk for organizers and activists at work in the struggle for reproductive justice. The digital surveillance capabilities of federal law enforcement are more sophisticated than that of typical anti-choice zealots. Most people in the abortion access movement may not have to worry about being labeled a domestic terrorist threat, though for some that is a reality, and strategizing against it is vital.

Looming Threats Legal Threats to Medication Abortion

Last month, the Supreme Court heard oral arguments challenging the FDA’s approval of and regulations governing mifepristone, a widely available and safe abortion pill. If the anti-abortion advocates who brought this case succeed, access to the most common medication abortion regimen used in the U.S. would end across the country—even in those states where abortion rights are protected.

Access to abortion medication might also be threatened by a 150 year old obscenity law. Many people now recognize the long dormant Comstock Act as a potential avenue to criminalize procurement of the abortion pill.

Although the outcomes of these legal challenges are yet-to-be determined, it’s reasonable to prepare for the worst: if there is no longer a way to access medication abortion legally, there will be even more surveillance of the digital footprints prescribers and patients leave behind. 

Electronic Health Records Systems

Electronic Health Records (EHRs) are digital transcripts of medical information meant to be easily stored and shared between medical facilities and providers. Since abortion restrictions are now dictated on a state-by-state basis, the sharing of these records across state lines present a serious matrix of concerns.

As some academics and privacy advocates have outlined, the interoperability of EHRs can jeopardize the safety of patients when reproductive healthcare data is shared across state lines. Although the Department of Health and Human Services has proposed a new rule to help protect sensitive EHR data, it’s currently possible that data shared between EHRs can lead to the prosecution of reproductive healthcare.

The Good Stuff: Protections You Can Take

Perhaps the most frustrating aspect of what we’ve covered thus far is how much is beyond individual control. It’s completely understandable to feel powerless against these monumental threats. That said, you aren’t powerless. Much can be done to protect your digital footprint, and thus, your safety. We don’t propose reinventing the wheel when it comes to digital security and data privacy. Instead, rely on the resources that already exist and re-tool them to fit your particular needs. Here are some good places to start:

Create a Security Plan

It’s impossible, and generally unnecessary, to implement every privacy and security tactic or tool out there. What’s more important is figuring out the specific risks you face and finding the right ways to protect against them. This process takes some brainstorming around potentially scary topics, so it’s best done well before you are in any kind of crisis. Pen and paper works best. Here's a handy guide.

After you’ve answered those questions and figured out your risks, it’s time to locate the best ways to protect against them. Don’t sweat it if you’re not a highly technical person; many of the strategies we recommend can be applied in non-tech ways.

Careful Communications

Secure communication is as much a frame of mind as it is a type of tech product. When you are able to identify which aspects of your life need to be spoken about more carefully, you can then make informed decisions about who to trust with what information, and when. It’s as much about creating ground rules with others about types of communication as it is about normalizing the use of privacy technologies.

Assuming you’ve already created a security plan and identified some risks you want to protect against, begin thinking about the communication you have with others involving those things. Set some rules for how you broach those topics, where they can be discussed, and with whom. Sometimes this might look like the careful development of codewords. Sometimes it’s as easy as saying “let’s move this conversation to Signal.” Now that Signal supports usernames (so you can keep your phone number private), as well as disappearing messages, it’s an obvious tech choice for secure communication.

Compartmentalize Your Digital Activity

As mentioned above, it’s important to know when to compartmentalize sensitive communications to more secure environments. You can expand this idea to other parts of your life. For example, you can designate different web browsers for different use cases, choosing those browsers for the privacy they offer. One might offer significant convenience for day-to-day casual activities (like Chrome), whereas another is best suited for activities that require utmost privacy (like Tor).

Now apply this thought process towards what payment processors you use, what registration information you give to social media sites, what profiles you keep public versus private, how you organize your data backups, and so on. The possibilities are endless, so it’s important that you prioritize only the aspects of your life that most need protection.

Security Culture and Community Care

Both tactics mentioned above incorporate a sense of community when it comes to our privacy and security. We’ve said it before and we’ll say it again: privacy is a team sport. People live in communities built on trust and care for one another; your digital life is imbricated with others in the same way.

If a node on a network is compromised, it will likely implicate others on the same network. This principle of computer network security is just as applicable to social networks. Although traditional information security often builds from a paradigm of “zero trust,” we are social creatures and must work against that idea. It’s more about incorporating elements of shared trust pushing for a culture of security.

Sometimes this looks like setting standards for how information is articulated and shared within a trusted group. Sometimes it looks like choosing privacy-focused technologies to serve a community’s computing needs. The point is to normalize these types of conversations, to let others know that you’re caring for them by attending to your own digital hygiene. For example, when you ask for consent to share images that include others from a protest, you are not only pushing for a culture of security, but normalizing the process of asking for consent. This relationship of community care through data privacy hygiene is reciprocal.

Help Prevent Doxxing

As somewhat touched on above in the other dangers to consider section, doxxing can be a frustratingly difficult thing to protect against, especially when it’s public records that are being used against you. It’s worth looking into your state level voter registration records, if that information is public, and how you can request for that information to be redacted (success may vary by state).

Similarly, although business registration records are publicly available, you can appeal to websites that mirror that information (like Bizapedia) to have your personal information taken down. This is of course only a concern if you have a business registration tied to your personal address.

If you work for a business that is susceptible to public records requests revealing personal sensitive information about you, there’s little to be done to prevent it. You can, however, apply for an address confidentiality program if your state has it. You can also do the somewhat tedious work of scrubbing your personal information from other places online (since doxxing is often a combination of information resources). Consider subscribing to a service like DeleteMe (or follow a free DIY guide) for a more thorough process of minimizing your digital footprint. Collaborating with trusted allies to monitor hate forums is a smart way to unburden yourself from having to look up your own information alone. Sharing that responsibility with others makes it easier to do, as well as group planning for what to do in ways of prevention and incident response.

Take a Deep Breath

It’s natural to feel bogged down by all the thought that has to be put towards privacy and security. Again, don’t beat yourself up for feeling powerless in the face of mass surveillance. You aren’t powerless. You can protect yourself, but it’s reasonable to feel frustrated when there is no comprehensive federal data privacy legislation that would alleviate so many of these concerns.

Take a deep breath. You’re not alone in this fight. There are guides for you to learn more about stepping up your privacy and security. We've even curated a special list of them. And there is Digital Defense Fund, a digital security organization for the abortion access movement, who we are grateful and proud to boost. And though it can often feel like privacy is getting harder to protect, in many ways it’s actually improving. With all that information, as well as continuing to trust your communities, and pushing for a culture of security within them, safety is much easier to attain. With a bit of privacy, you can go back to focusing on what matters, like healthcare.

The Fourth Amendment is Not For Sale Act, H.R.4639, originally introduced in the Senate by Senator Ron Wyden in 2021, has now made the important and historic step of passing the U.S. House of Representatives. In an era when it often seems like Congress cannot pass much-needed privacy protections, this is a victory for vulnerable populations, people who want to make sure their location data is private, and the hard-working activists and organizers who have pushed for the passage of this bill.

Everyday, your personal information is being harvested by your smart phone applications, sold to data brokers, and used by advertisers hoping to sell you things. But what safeguards prevent the government from shopping in that same data marketplace? Mobile data regularly bought and sold, like your geolocation, is information that law enforcement or intelligence agencies would normally have to get a warrant to acquire. But it does not require a warrant for law enforcement agencies to just buy the data. The U.S. government has been using its purchase of this information as a loophole for acquiring personal information on individuals without a warrant.

Now is the time to close that loophole.

At EFF, we’ve been talking about the need to close the databroker loophole for years. We even launched a massive investigation into the data broker industry which revealed Fog Data Science, a company that has claimed in marketing materials that it has “billions” of data points about “over 250 million” devices and that its data can be used to learn about where its subjects work, live, and their associates. We found close to 20 law enforcement agents used or were offered this tool.

It’s time for the Senate to close this incredibly dangerous and invasive loophole. If police want a person—or a whole community’s—location data, they should have to get a warrant to see it. 

Take action

TELL congress: 702 Needs serious reforms

There are a lot of updates in the fight for our freedoms online, from a last-minute reauthorization bill to expand Section 702 (tell your senators to vote NO on the bill here!), a new federal consumer data privacy law (we deserve better!), and a recent draft from the FCC to reinstate net neutrality (you can help clean it up!).

It can feel overwhelming to stay up to date, but we've got you covered with our EFFector newsletter! You can read the full issue here, or subscribe to get the next one in your inbox automatically! You can also listen to the audio version of the newsletter on the Internet Archive, or by clicking the button below:

LISTEN ON YouTube

EFFECTOR 36.5.- About Face (Recognition)

Since 1990 EFF has published EFFector to help keep readers on the bleeding edge of their digital rights. We know that the intersection of technology, civil liberties, human rights, and the law can be complicated, so EFFector is a great way to stay on top of things. The newsletter is chock full of links to updates, announcements, blog posts, and other stories to help keep readers—and listeners—up to date on the movement to protect online privacy and free expression. 

Thank you to the supporters around the world who make our work possible! If you're not a member yet, join EFF today to help us fight for a brighter digital future.

Data about potential voters—who they are, where they are, and how to reach them—is an extremely valuable commodity during an election year. And while the right to a secret ballot is a cornerstone of the democratic process, your personal information is gathered, used, and sold along the way. It's not possible to fully shield yourself from all this data processing, but you can take steps to at least minimize and understand it.

Political campaigns use the same invasive tricks that behavioral ads do—pulling in data from a variety of sources online to create a profile—so they can target you. Your digital trail is a critical tool for campaigns, but the process starts in the real world, where longstanding techniques to collect data about you can be useful indicators of how you'll vote. This starts with voter records.

Your IRL Voting Trail Is Still Valuable

Politicians have long had access to public data, like voter registration, party registration, address, and participation information (whether or not a voter voted, not who they voted for). Online access to such records has made them easier to get in some states, with unintended consequences, like doxing.

Campaigns can purchase this voter information from most states. These records provide a rough idea of whether that person will vote or not, and—if they're registered to a particular party—who they might lean toward voting for. Campaigns use this to put every voter into broad categories, like "supporter," "non-supporter," or "undecided." Campaigns gather such information at in-person events, too, like door-knocking and rallies, where you might sign up for emails or phone calls.

Campaigns also share information about you with other campaigns, so if you register with a candidate one year, it's likely that information goes to another in the future. For example, the website for Adam’s Schiff’s campaign to serve as U.S. Senator from California has a privacy policy with this line under “Sharing of Information”:

With organizations, candidates, campaigns, groups, or causes that we believe have similar political viewpoints, principles, or objectives or share similar goals and with organizations that facilitate communications and information sharing among such groups

Similar language can be found on other campaign sites, including those for Elizabeth Warren and Ted Cruz. These candidate lists are valuable, and are often shared within the national party. In 2017, the Hillary Clinton campaign gave its email list to the Democratic National Committee, a contribution valued at $3.5 million.

If you live in a state with citizen initiative ballot measures, data collected from signature sheets might be shared or used as well. Signing a petition doesn't necessarily mean you support the proposed ballot measure—it's just saying you think it deserves to be put on the ballot. But in most states, these signature pages will remain a part of the public record, and the information you provide may get used for mailings or other targeted political ads. 

How Those Voter Records, and Much More, Lead to Targeted Digital Ads

All that real world information is just one part of the puzzle these days. Political campaigns tap into the same intrusive adtech tracking systems used to deliver online behavioral ads. We saw a glimpse into how this worked after the Cambridge Analytica scandal, and the system has only grown since then.

Specific details are often a mystery, as a political advertising profile may be created by combining disparate information—from consumer scoring data brokers like Acxiom or Experian, smartphone data, and publicly available voter information—into a jumble of data points that’s often hard to trace in any meaningful way. A simplified version of the whole process might go something like this:

1. A campaign starts with its voter list, which includes names, addresses, and party affiliation. It may have purchased this from the state or its own national committee, or collected some of it for itself through a website or app.
2. The campaign then turns to a data broker to enhance this list with consumer information. The data broker combines the voter list with its own data, then creates a behavioral profile using inferences based on your shopping, hobbies, demographics, and more. The campaign looks this all over, then chooses some categories of people it thinks will be receptive to its messages in its various targeted ads.
3. Finally, the campaign turns to an ad targeting company to get the ad on your device. Some ad companies might use an IP address to target the ad to you. As The Markup revealed, other companies might target you based on your phone's location, which is particularly useful in reaching voters not in the campaign's files. 

In 2020, Open Secrets found political groups paid 37 different data brokers at least $23 million for access to services or data. These data brokers collect information from browser cookies, web beacons, mobile phones, social media platforms, and more. They found that some companies specialize in more general data, while others, like i360, TargetSmart, and Grassroots Analytics, focus on data useful to campaigns or advocacy.

A sample of some categories and inferences in a political data broker file that we received through a CCPA request shows the wide variety of assumptions these companies may make.

These political data brokers make a lot of promises to campaigns. TargetSmart claims to have 171 million highly accurate cell phone numbers, and i360 claims to have data on 220 million voters. They also tend to offer specialized campaign categories that go beyond the offerings of consumer-focused data brokers. Check out data broker L2’s “National Models & Predictive Analytics” page, which breaks down interests, demographics, and political ideology—including details like "Voter Fraud Belief," and "Ukraine Continue." The New York Times demonstrated a particularly novel approach to these sorts of profiles where a voter analytics firm created a “Covid concern score” by analyzing cell phone location, then ranked people based on travel patterns during the pandemic.

Some of these companies target based on location data. For example, El Toro claims to have once “identified over 130,000 IP-matched voter homes that met the client’s targeting criteria. El Toro served banner and video advertisements up to 3 times per day, per voter household – across all devices within the home.”

That “all devices within the home” claim may prove important in the coming elections: as streaming video services integrate more ad-based subscription tiers, that likely means more political ads this year. One company, AdImpact, projects $1.3 billion in political ad spending on “connected television” ads in 2024. This may be driven in part by the move away from tracking cookies, which makes web browsing data less appealing.

In the case of connected televisions, ads can also integrate data based on what you've watched, using information collected through automated content recognition (ACR). Streaming device maker and service provider Roku's pitch to potential political advertisers is straightforward: “there’s an opportunity for campaigns to use their own data like never before, for instance to reach households in a particular district where they need to get out the vote.” Roku claims to have at least 80 million users. As a platform for televisions and “streaming sticks,” and especially if you opted into ACR (we’ll detail how to check below), Roku can collect and use a lot of your viewing data ranging from apps, to broadcast TV, or even to video games.

This is vastly different from traditional broadcast TV ads, which might be targeted broadly based on a city or state, and the show being aired. Now, a campaign can target an ad at one household, but not their neighbor, even if they're watching the same show. Of the main streaming companies, only Amazon and Netflix don’t accept political ads.

Finally, there are Facebook and Google, two companies that have amassed a mountain of data points about all their users, and which allow campaigns to target based on some of those factors. According to at least one report, political ad spending on Google (mostly through YouTube) is projected to be $552 million, while Facebook is projected at $568 million. Unlike the data brokers discussed above, most of what you see on Facebook and Google is derived from the data collected by the company from its users. This may make it easier to understand why you’re seeing a political ad, for example, if you follow or view content from a specific politician or party, or about a specific political topic.

What You Can Do to Protect Your Privacy

Managing the flow of all this data might feel impossible, but you can take a few important steps to minimize what’s out there. The chances you’ll catch everything is low, but minimizing what is accessible is still a privacy win.

Install Privacy Badger
Considering how much data is collected just from your day-to-day web browsing, it’s a good idea to protect that first. The simplest way to do so is with our own tracking blocker extension, Privacy Badger.

Disable Your Phone Advertising ID and Audit Your Location Settings
Your phone has an ad identifier that makes it simple for advertisers to track and collate everything you do. Thankfully, you can make this much harder for those advertisers by disabling it:

• On iPhone: Head into Settings > Privacy & Security > Tracking, and make sure “Allow Apps to Request to Track” is disabled. 
• On Android: Open Settings > Security & Privacy > Privacy > Ads, and select “Delete advertising ID.”

Similarly, as noted above, your location is a valuable asset for campaigns. They can collect your location through data brokers, which usually get it from otherwise unaffiliated apps. This is why it's a good idea to limit what sorts of apps have access to your location:

• On iPhone: open Settings > Privacy & Security > Location Services, and disable access for any apps that do not need it. You can also set location for only "While using," for certain apps where it's helpful, but unnecessary to track you all the time. Also, consider disabling "Precise Location" for any apps that don't need your exact location (for example, your GPS navigation app needs precise location, but no weather app does).
• On Android: Open Settings > Location > App location permissions, and confirm that no apps are accessing your location that you don't want to. As with iOS, you can set it to "Allow only while using the app," for apps that don't need it all the time, and disable "Use precise location," for any apps that don't need exact location access.

Opt Out of Tracking on Your TV or Streaming Device, and Any Video Streaming Service
Nearly every brand of TV is connected to the internet these days. Consumer Reports has a guide for disabling what you can on most popular TVs and software platforms. If you use an Apple TV, you can disable the ad identifier following the exact same directions as on your phone.

Since the passage of a number of state privacy laws, streaming services, like other sites, have offered a way for users to opt out of the sale of their info. Many have extended this right outside of states that require it. You'll need to be logged into your streaming service account to take action on most of these, but TechHive has a list of opt out links for popular streaming services to get you started. Select the "Right to Opt Out" option, when offered.

Don't Click on Links in (or Respond to) Political Text Messages
You've likely been receiving political texts for much of the past year, and that's not going to let up until election day. It is increasingly difficult to decipher whether they're legitimate or spam, and with links that often use a URL shortener or odd looking domains, it's best not to click them. If there's a campaign you want to donate to, head directly to the site of the candidate or ballot sponsor.

Create an Alternate Email and Phone Number for Campaign Stuff
If you want to keep updated on campaign or ballot initiatives, consider setting up an email specifically for that, and nothing else. Since a phone number is also often required, it's a good idea to set up a secondary phone number for these same purposes (you can do so for free through services like Google Voice).

Keep an Eye Out for Deceptive Check Boxes
Speaking of signing up for updates, be mindful of when you don't intend to sign up for emails. Campaigns might use pre-selected options for everything from donation amounts to signing up for a newsletter. So, when you sign up with any campaign, keep an eye on any options you might not intend to opt into.

Mind Your Social Media
Now's a great time to take any sort of "privacy checkup" available on whatever social media platforms you use to help minimize any accidental data sharing. Even though you can't completely opt out of behavioral advertising on Facebook, review your ad preferences and opt out whatever you can. Also be sure to disable access to off-site activity. You should also opt out of personalized ads on Google's services. You cannot disable behavioral ads on TikTok, but the company doesn't allow political ads.

If you're curious to learn more about why you're seeing an ad to begin with, on Facebook you can always click the three-dot icon on an ad, then click "Why am I seeing this ad?" to learn more. For ads on YouTube, you can click the "More" button and then "About this advertiser" to see some information about who placed the ad. Anywhere else you see a Google ad you can click the "Adchoices" button and then "Why this ad?"

You shouldn't need to spend an afternoon jumping through opt out hoops and tweaking privacy settings on every device you own just so you're not bombarded with highly targeted ads. That’s why EFF supports comprehensive consumer data privacy legislation, including a ban on online behavioral ads.

Democracy works because we participate, and you should be able to do so without sacrificing your privacy. 

Lynn Hamadallah is a Syrian-Palestinian-French Psychologist based in London. An outspoken voice for the Palestinian cause, Lynn is interested in the ways in which narratives, spoken and unspoken, shape identity. Having lived in five countries and spent a lot of time traveling, she takes a global perspective on freedom of expression. Her current research project investigates how second-generation British-Arabs negotiate their cultural identity. Lynn works in a community mental health service supporting some of London's most disadvantaged residents, many of whom are migrants who have suffered extensive psychological trauma.

York: What does free speech or free expression mean to you? 

Being Arab and coming from a place where there is much more speech policing in the traditional sense, I suppose there is a bit of an idealization of Western values of free speech and democracy. There is this sense of freedom we grow up associating with the West. Yet recently, we’ve come to realize that the way it works in practice is quite different to the way it is described, and this has led to a lot of disappointment and disillusionment in the West and its ideals amongst Arabs. There’s been a lot of censorship for example on social media, which I’ve experienced myself when posting content in support of Palestine. At a national level, we have witnessed the dehumanization going on around protesters in the UK, which undermines the idea of free speech. For example, the pro-Palestine protests where we saw the then-Home Secretary Suella Braverman referring to protesters as “hate marchers.” So we’ve come to realize there’s this kind of veneer of free speech in the West which does not really match up to the more idealistic view of freedom we were taught about.

With the increased awareness we have gained as a result of the latest aggression going on in Palestine, actually what we’re learning is that free speech is just another arm of the West to support political and racist agendas. It’s one of those things that the West has come up with which only applies to one group of people and oppresses another. It’s the same as with human rights you know - human rights for who? Where are Palestinian’s human rights? 

We’ve seen free speech being weaponized to spread hate and desecrate Islam, for example, in the case of Charlie Hebdo and the Quran burning in Denmark and in Sweden. The argument put forward was that those cases represented instances of free speech rather than hate speech. But actually to millions of Muslims around the world those incidents were very, very hateful. They were acts of violence not just against their religious beliefs but right down to their sense of self. It’s humiliating to have a part of your identity targeted in that way with full support from the West, politicians and citizens alike. 

And then, when we— we meaning Palestinians and Palestine allies—want to leverage this idea of free speech to speak up against the oppression happening by the state of Israel, we see time and time again accusations flying around: hate speech, anti-semitism, and censorship. Heavy, heavy censorship everywhere. So that’s what I mean when I say that free speech in the West is a racist concept, actually. And I don’t know that true free speech exists anywhere in the world really. In the Middle East we don’t have democracies but at least there’s no veneer of democracy— the messaging and understanding is clear. Here, we have a supposed democracy, but in practice it looks very different. And that’s why, for me, I don’t really believe that free speech exists. I’ve never seen a real example of it. I think as long as people are power hungry there’s going to be violence, and as long as there’s violence, people are going to want to hide their crimes. And as long as people are trying to hide their crimes there’s not going to be free speech. Sorry for the pessimistic view!

York: It’s okay, I understand where you’re coming from. And I think that a lot of those things are absolutely true. Yet, from my perspective, I still think it’s a worthy goal even though governments—and organizationally we’ve seen this as well—a lot of times governments do try to abuse this concept. So I guess then I would just as a follow-up, do you feel that despite these issues that some form of universalized free expression is still a worthy ideal? 

Of course, I think it’s a worthy ideal. You know, even with social media – there is censorship. I’ve experienced it and it’s not just my word and an isolated incident. It’s been documented by Human Rights Watch—even Meta themselves! They did an internal investigation in 2021—Meta had a nonprofit called Business for Social Responsibility do an investigation and produce a report—and they’ve shown there was systemic censorship of Palestine-related content. And they’re doing it again now. That being said, I do think social media is making free speech more accessible, despite the censorship. 

And I think—to your question—free speech is absolutely worth pursuing. Because we see that despite these attempts at censorship, the truth is starting to come out. Palestine support is stronger than it’s ever been. To the point where we’ve now had South Africa take Israel to trial at the International Court of Justice for genocide, using evidence from social media videos that went viral. So what I’m saying is, free speech has the power to democratize demanding accountability from countries and creating social change, so yes, absolutely something we should try to pursue. 

York: You just mentioned two issues close to my heart. One is the issues around speech on social media platforms, and I’ve of course followed and worked on the Palestinian campaigns quite closely and I’m very aware of the BSR report. But also, video content, specifically, that’s found on social media being used in tribunals. So let me shift this question a bit. You have such a varied background around the world. I’m curious about your perspective over the past decade or decade and a half since social media has become so popular—how do you feel social media has shaped people’s views or their ability to advocate for themselves globally? 

So when we think about stories and narratives, something I’m personally interested in, we have to think about which stories get told and which stories remain untold. These stories and their telling is very much controlled by the mass media— BBC, CNN, and the like. They control the narrative. And I guess what social media is doing is it’s giving a voice to those who are often voiceless. In the past, the issue was that there was such a monopoly over mouthpieces. Mass  media were so trusted, to the point where no one would have paid attention to these alternative viewpoints. But what social media has done… I think it’s made people become more aware or more critical of mass media and how it shapes public opinion. There’s been a lot of exposure of their failure for example, like that video that went viral of Egyptian podcaster and activist Rahma Zain confronting CNN’s Clarissa Ward at the Rafah border about their biased reporting of the genocide in Palestine. I think that confrontation spoke to a lot of people. She was shouting “ You own the narrative, this is our problem. You own the narrative, you own the United Nations, you own Hollywood, you own all these mouthpieces— where are our voices?! Our voices need to be heard!” It was SO powerful and that video really spoke to the sentiment of many Arabs who have felt angry, betrayed and abandoned by the West’s ideals and their media reporting.

Social media is providing  a voice to more diverse people, elevating them and giving the public more control around narratives. Another example we’ve seen recently is around what’s currently happening in Sudan and the Democratic Republic of Congo. These horrific events and stories would never have had much of a voice or exposure before at the global stage. And now people all over the world are paying more attention and advocating for Sudanese and Congolese rights, thanks to social media. 

I personally was raised with quite a critical view of mass media, I think in my family there was a general distrust of the West, their policies and their media, so I never really relied personally on the media as this beacon of truth, but I do think that’s an exception. I think the majority of people rely on mass media as their source of truth. So social media plays an important role in keeping them accountable and diversifying narratives.

York: What are some of the biggest challenges you see right now anywhere in the world in terms of the climate for free expression for Palestinian and other activism? 

I think there’s two strands to it. There’s the social media strand. And there’s the governmental policies and actions. So I think on social media, again, it’s very documented, but it’s this kind of constant censorship. People want to be able to share content that matters to them, to make people more aware of global issues and we see time and time again viewership going down, content being deleted or reports from Meta of alleged hate speech or antisemitism. And that’s really hard. There’ve been random strategies that have popped up to increase social media engagement, like posting random content unrelated to Palestine or creating Instagram polls for example. I used to do that, I interspersed Palestine content with random polls like, “What’s your favorite color?” just to kind of break up the Palestine content and boost my engagement. And it was honestly so exhausting. It was like… I’m watching a genocide in real time, this is an attack on my people and now I’m having to come up with silly polls? Eventually I just gave up and accepted my viewership as it was, which was significantly lower.

At a government level, which is the other part of it, there’s this challenge of constant intimidation that we’re witnessing. I just saw recently there was a 17-year-old boy who was interviewed by the counterterrorism police at an airport because he was wearing a Palestinian flag. He was interrogated about his involvement in a Palestinian protest. When has protesting become a crime and what does that say about democratic rights and free speech here in the UK? And this is one example, but there are so many examples of policing, there was even talk of banning protests all together at one point. 

The last strand I’d include, actually, that I already touched on, is the mass media. Just recently we’ve seen the BBC reporting on the ICJ hearing, they showed the Israeli defense part, but they didn’t even show the South African side. So this censorship is literally in plain sight and poses a real challenge to the climate of free expression for Palestine activism.

York: Who is your free speech hero? 

Off the top of my head I’d probably say Mohammed El-Kurd. I think he’s just been so unapologetic in his stance. Not only that but I think he’s also made us think critically about this idea of narrative and what stories get told. I think it was really powerful when he was arguing the need to stop giving the West and mass media this power, and that we need to disempower them by ceasing to rely on them as beacons of truth, rather than working on changing them. Because, as he argues, oppressors who have monopolized and institutionalized violence will never ever tell the truth or hold themselves to account. Instead, we need to turn to Palestinians, and to brave cultural workers, knowledge producers, academics, journalists, activists, and social media commentators who understand the meaning of oppression and view them as the passionate, angry and, most importantly, reliable narrators that they are.

EFF is concerned that a new federal bill would freeze consumer data privacy protections in place, by preempting existing state laws and preventing states from creating stronger protections in the future. Federal law should be the floor on which states can build, not a ceiling.

We also urge the authors of the American Privacy Rights Act (APRA) to strengthen other portions of the bill. It should be easier to sue companies that violate our rights. The bill should limit sharing with the government and expand the definition of sensitive data. And it should narrow exceptions that allow companies to exploit our biometric information, our so-called “de-identified” data, and our data obtained in corporate “loyalty” schemes.

Despite our concerns with the APRA bill, we are glad Congress is pivoting the debate to a privacy-first approach to online regulation. Reining in companies’ massive collection, misuse, and transfer of everyone’s personal data should be the unifying goal of those who care about the internet. This debate has been absent at the federal level in the past year, giving breathing room to flawed bills that focus on censorship and content blocking, rather than privacy.

In general, the APRA would require companies to minimize their processing of personal data to what is necessary, proportionate, and limited to certain enumerated purposes. It would specifically require opt-in consent for the transfer of sensitive data, and most processing of biometric and genetic data. It would also give consumers the right to access, correct, delete, and export their data. And it would allow consumers to universally opt-out of the collection of their personal data from brokers, using a registry maintained by the Federal Trade Commission.

We welcome many of these privacy protections. Below are a few of our top priorities to correct and strengthen the APRA bill.

Allow States to Pass Stronger Privacy Laws

The APRA should not preempt existing and future state data privacy laws that are stronger than the current bill. The ability to pass stronger bills at the state and local level is an important tool in the fight for data privacy. We ask that Congress not compromise our privacy rights by undercutting the very state-level action that spurred this compromise federal data privacy bill in the first place.

Subject to exceptions, the APRA says that no state may “adopt, maintain, enforce, or continue in effect” any state-level privacy requirement addressed by the new bill. APRA would allow many state sectoral privacy laws to remain, but it would still preempt protections for biometric data, location data, online ad tracking signals, and maybe even privacy protections in state constitutions or some other limits on what private companies can share with the government. At the federal level, the APRA would also wrongly preempt many parts of the federal Communications Act, including provisions that limit a telephone company’s use, disclosure, and access to customer proprietary network information, including location information.

Just as important, it would prevent states from creating stronger privacy laws in the future. States are more nimble at passing laws to address new privacy harms as they arise, compared to Congress which has failed for decades to update important protections. For example, if lawmakers in Washington state wanted to follow EFF’s advice to ban online behavioral advertising or to allow its citizens to sue companies for not minimizing their collection of personal data (provisions where APRA falls short), state legislators would have no power to do so under the new federal bill.

Make It Easier for Individuals to Enforce Their Privacy Rights

The APRA should prevent coercive forced arbitration agreements and class action waivers, allow people to sue for statutory damages, and allow them to bring their case in state court. These rights would allow for rigorous enforcement and help force companies to prioritize consumer privacy.

The APRA has a private right of action, but it is a half-measure that still lets companies side-step many legitimate lawsuits. And the private right of action does not apply to some of the most important parts of the law, including the central data minimization requirement.

The favorite tool of companies looking to get rid of privacy lawsuits is to bury provision in their terms of service that force individuals into private arbitration and prevent class action lawsuits. The APRA does not address class action waivers and only prevents forced arbitration for children and people who allege “substantial” privacy harm. In addition, statutory damages and enforcement in state courts is essential, because many times federal courts still struggle to acknowledge privacy harm as real—relying instead on a cramped view that does not recognize privacy as a human right. In addition, the bill would allow companies to cure violations rather than face a lawsuit, incentivizing companies to skirt the law until they are caught.

Limit Exceptions for Sharing with the Government

APRA should close a loophole that may allow data brokers to sell data to the government and should require the government to obtain a court order before compelling disclosure of user data. This is important because corporate surveillance and government surveillance are often the same.

Under the APRA, government contractors do not have to follow the bill’s privacy protections. Those include any “entity that is collecting, processing, retaining, or transferring covered data on behalf of a Federal, State, Tribal, territorial, or local government entity, to the extent that such entity is acting as a service provider to the government entity.” Read broadly, this provision could protect data brokers who sell biometric information and location information to the government. In fact, Clearview AI previously argued it was exempt from Illinois’ strict biometric law using a similar contractor exception. This is a point that needs revision because other parts of the bill rightly prevent covered entities (government contractors excluded) from selling data to the government for the purpose of fraud detection, public safety, and criminal activity detection.

The APRA also allows entities to transfer personal data to the government pursuant to a “lawful warrant, administrative subpoena, or other form of lawful process.” EFF urges that the requirement be strengthened to at least a court order or warrant with prompt notice to the consumer. Protections like this are not unique, and it is especially important in the wake of the Dobbs decision.

Strengthen the Definition of Sensitive Data

The APRA has heightened protections for sensitive data, and it includes a long list of 18 categories of sensitive data, like: biometrics, precise geolocation, private communications, and an individual’s online activity overtime and across websites. This is a good list that can be added to. We ask Congress to add other categories, like immigration status, union membership, employment history, familial and social relationships, and any covered data processed in a way that would violate a person’s reasonable expectation of privacy. The sensitivity of data is context specific—meaning any data can be sensitive depending on how it is used. The bill should be amended to reflect that.

Limit Other Exceptions for Biometrics, De-identified Data, and Loyalty Programs

An important part of any bill is to make sure the exceptions do not swallow the rule. The APRA’s exceptions on biometric information, de-identified data, and loyalty programs should be narrowed.

In APRA, biometric information means data “generated from the measurement or processing of the individual’s unique biological, physical, or physiological characteristics that is linked or reasonably linkable to the individual” and excludes “metadata associated with a digital or physical photograph or an audio or video recording that cannot be used to identify an individual.” EFF is concerned this definition will not protect biometric information used for analysis of sentiment, demographics, and emotion, and could be used to argue hashed biometric identifiers are not covered.

De-identified data is excluded from the definition of personal data covered by the APRA, and companies and service providers can turn personal data into de-identified data to process it however they want. The problem with de-identified data is that many times it is not. Moreover, many people do not want their private data that they store in confidence with a company to then be used to improve that company’s product or train its algorithm—even if the data has purportedly been de-identified.

Many companies under the APRA can host loyalty programs and can sell that data with opt-in consent. Loyalty programs are a type of pay-for-privacy scheme that pressure people to surrender their privacy rights as if they were a commodity. Worse, because of our society’s glaring economic inequalities, these schemes will unjustly lead to a society of privacy “haves” and “have-nots.” At the very least, the bill should be amended to prevent companies from selling data that they obtain from a loyalty program.

We welcome Congress' privacy-first approach in the APRA and encourage the authors to improve the bill to ensure privacy is protected for generations to come.

The Federal Communications Commission (FCC) has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then.

Proposed Rules on Throttling and Prioritization Allow for the Circumvention of Net Neutrality

Net neutrality is the principle that all ISPs should treat all traffic coming over their networks without discrimination. The effect of this principle is that customers decide for themselves how they’d like to experience the internet. Violations of this principle include, but are not limited to, attempts to block, speed up, or slow down certain content as means of controlling traffic.

Net neutrality is critical to ensuring that the internet remains a vibrant place to learn, organize, speak, and innovate, and the FCC recognizes this. The draft mostly reinstates the bright-line rules of the landmark 2015 net neutrality protections to ban blocking, throttling, and paid prioritization.

It falls short, though, in a critical way: the FCC seems to think that it’s not okay to favor certain sites or services by slowing down other traffic, but it might be okay to favor them by giving them access to so-called fast lanes such as 5G network slices. First of all, in a world with a certain amount of finite bandwidth, favoring some traffic necessarily impairs other traffic. Secondly, the harms to speech and competition would be the same even if an ISP could conjure more bandwidth from thin air to speed up traffic from its business partners. Whether your access to Spotify is faster than your access to Bandcamp because Spotify is sped up or because Bandcamp is slowed down doesn’t matter because the end result is the same: Spotify is faster than Bandcamp and so you are incentivized to use Spotify over Bandcamp.

The loophole is especially bizarre because the 2015 FCC already got this right, and there has been bipartisan support for net neutrality proposals that explicitly encompass both favoring and disfavoring certain traffic. It’s a distinction that doesn’t make logical sense, doesn’t seem to have partisan significance, and could potentially undermine the rules in the event of a court challenge by drawing a nonsensical distinction between what’s forbidden under the bright-line rules versus what goes through the multi-factor test for other potentially discriminatory conduct by ISPs.

The FCC needs to close this loophole for unpaid prioritization of certain applications or classes of traffic. Customers should be in charge of what they do online, rather than ISPs deciding that, say, it’s more important to consume streaming entertainment products than to participate in video calls or that one political party’s websites should be served faster than another’s.

The FCC Should Clearly Rule Preemption to be a Floor, Not a Ceiling

When the FCC under the previous administration abandoned net neutrality protections in 2017 with the so-called “Restoring Internet Freedom” order, many states—chief among them California—stepped in to pass state net neutrality laws. Laws more protective than federal net neutrality protections—like California's should be explicitly protected by the new rule.

The FCC currently finds that California’s law “generally tracks [with] the federal rules[being] restored. (269)” It goes on to find that state laws are fine so long as they do not “interfere with or frustrate…federal rules,” are not “inconsistent,” or are not “incompatible.” It then reserves the right to revisit any state law if evidence arises that a state policy is found to “interfere or [be] incompatible.”

States should be able to build on federal laws to be more protective of rights, not run into limits to available protections. California’s net neutrality is in some places stronger than the draft rules. Where the FCC means to evaluate zero-rating, the practice of exempting certain data from a user’s data cap, on a case-by-case basis, California outright bans the practice of zero rating select apps.

There is no guarantee that a Commission which finds California to “generally track” today will do the same in two years time. The language as written unnecessarily sets a low bar for a future Commission to find California’s, and other states’, net neutrality laws to be preempted. It also leaves open unnecessary room for the large internet service providers (ISPs) to challenge California’s law once again. After all, when California’s law was first passed, it was immediately taken to court by these same ISPs and only after years of litigation did the courts reject the industry’s arguments and allow enforcement of this gold standard law to begin.

We urge the Commission to clearly state that, not only is California consistent with the FCC’s rules, but that on the issue of preemption the FCC considers its rules to be  the floor to build on, and that further state protections are not inconsistent simply because they may go further than the FCC chooses to.

Overall, the order is a great step for net neutrality. Its rules go a distance in protecting internet users. But we need clear rules recognizing that the creation of fast lanes via positive discrimination and unpaid prioritization are violations of net neutrality just the same, and assurance that states will continue to be free to protect their residents even when the FCC won’t.

Tell the FCC to Fix the Net Neutrality Rules:

1. Go to this link
2. For "Proceeding" put 23-320
3. Fill out the form
4. In "brief comments" register your thoughts on net neutrality. We recommend this, which you can copy and paste or edit for yourself:

Net neutrality is the principle that all internet service providers treat all traffic coming through their networks without discrimination. The effect of this principle is that customers decide for themselves how they’d like to experience the internet. The Commission’s rules as currently written leave open the door for positive discrimination of content, that is, the supposed creation of fast lanes where some content is sped up relative to others. This isn’t how the internet works, but in any case, whether an ISP is speeding up or slowing down content, the end result is the same: the ISP picks the winners and losers on the internet. As such the Commission must create bright line rules against all forms of discrimination, speeding up or slowing down, against apps or classes of apps on general traffic in the internet.

Further, while the Commission currently finds state net neutrality rules, like California’s, to not be preempted because they “generally track” its own rules, it makes it easy to rule otherwise at a future date. But just as we received net neutrality in 2015 only to have it taken away in 2017, there is no guarantee that the Commission will continue to find state net neutrality laws passed post-2017 to be consistent with the rules. To safeguard net neutrality, the Commission must find that California’s law is wholly consistent with their rules and that preemption is taken as a floor, not a ceiling, so that states can go above and beyond the federal standard without it being considered inconsistent with the federal rule.

Take Action

Tell the FCC to Fix the Net Neutrality Rules

Facial recognition is a threat to privacy, racial justice, free expression, and information security. EFF supports strict restrictions on face recognition use by private companies, and total bans on government use of the technology. Face recognition in all of its forms, including face scanning and real-time tracking, pose threats to civil liberties and individual privacy. “False positive” error rates are significantly higher for women, children, and people of color, meaning face recognition has an unfair discriminatory impact. Coupled with the fact that cameras are over-deployed in neighborhoods with immigrants and people of color, spying technologies like face surveillance serve to amplify existing disparities in the criminal justice system.

Across the nation local communities from San Francisco to Boston have moved to ban government use of facial recognition. In New York, Electronic Frontier Alliance member Surveillance Technology Oversight Project (S.T.O.P.) is at the forefront of this movement. Recently we got the chance to speak with them about their efforts and what people can do to help advance the cause. S.T.O.P. is a New York-based civil rights and privacy organization that does research, advocacy, and litigation around issues of surveillance technology abuse.

What does “Ban The Scan” mean? 

When we say scan, we are referring to the “face scan” component of facial recognition technology. Surveillance, and more specifically facial recognition, disproportionately targets Black, Brown, Indigenous, and immigrant communities, amplifying the discrimination that has defined New York’s policing for as long as our state has had police. Facial recognition is notoriously biased and often abused by law enforcement. It is a threat to free speech, freedom of association, and other civil liberties. Ban the Scan is a campaign and coalition built around passing two packages of bills that would ban facial recognition in a variety of contexts in New York City and New York State. 

Are there any differences with the State vs City version?

The City and State packages are largely similar. The main differences are that the State package contains a bill banning law enforcement use of facial recognition, whereas the City package has a bill that bans all government use of the technology (although this bill has yet to be introduced). The State package also contains an additional bill banning facial recognition use in schools, which would codify an existing regulatory ban that currently applies to schools.

What hurdles exist to its passage? 

 For the New York State package, the coalition is newly coming together, so we are still gathering support from legislators and the public. For the City package, we are lucky to have a lot of support already, and we are waiting to have a hearing conducted on the residential ban bills and move them into the next phase of legislation. We are also working to get the bill banning government use introduced at the City level.

What can people do to help this good legislation? How to get involved? 

We recently launched a campaign website for both City and State packages (banthescan.org). If you’re a New York City or State resident, you can look up your legislators (links below!) and contact them to ask them to support these bills or thank them for their support if they are already signed on. We also have social media toolkits with graphics and guidance on how to help spread the word!  

Find your NYS Assemblymember: https://nyassembly.gov/mem/search/ 

Find your NYS Senator: https://www.nysenate.gov/find-my-senator 

Find your NYC Councilmember: https://council.nyc.gov/map-widget/  

Our faces are often exposed and, unlike passwords or pin numbers, cannot be remade. Governments and businesses, often working in partnership, are increasingly using our faces to track our whereabouts, activities, and associations. This is why EFF recently submitted comments to the U.S. Commission on Civil Rights, which is preparing a report on face recognition technology (FRT).   

In our submission, we reiterated our stance that there should be a ban on governmental use of FRT and strict regulations on private use because it: (1) is not reliable enough to be used in determinations affecting constitutional and statutory rights or social benefits; (2) is a menace to social justice as its errors are far more pronounced when applied to people of color, members of the LGBTQ+ community, and other marginalized groups; (3) threatens privacy rights; (4) chills and deters expression; and (5) creates information security risks.

Despite these grave concerns, FRT is being used by the government and law enforcement agencies with increasing frequency, and sometimes with devastating effects. At least one Black woman and five Black men have been wrongfully arrested due to misidentification by FRT: Porcha Woodruff, Michael Oliver, Nijeer Parks, Randal Reid, Alonzo Sawyer, and Robert Williams. And Harvey Murphy Jr., a white man, was wrongfully arrested due to FRT misidentification, and then sexually assaulted while in jail.

Even if FRT was accurate, or at least equally inaccurate across demographics, it would still severely impact our privacy and security. We cannot change our face, and we expose it to the mass surveillance networks already in place every day we go out in public. But doing that should not be license for the government or private entities to make imprints of our face and retain that data, especially when that data may be breached by hostile actors.

The government should ban its own use of FRT, and strictly limit private use, to protect us from the threats posed by FRT. 

We could go on for days talking about all the work EFF does to ensure that technology supports freedom, justice, and innovation for all people of the world. In fact, we DO go on for days talking about it — but we’d rather hear from you. 

What does EFF mean to you? We’d love to know why you support us, how you see our mission, or what issue or area we address that affects your life the most. It’ll help us make sure we keep on being the EFF you want us to be.

So if you’re willing to go on the record, please send us a few sentences, along with your first name and current city of residence, to testimonials@eff.org; we’ll pick some every now and then to share with the world here on our blog, in our emails, and on our social media.

Yesterday, the House of Representatives voted against considering a largely bad bill that would have unacceptably expanded the tentacles of Section 702 of the Foreign Intelligence Surveillance Act, along with reauthorizing it and introducing some minor fixes. Section 702 is Big Brother’s favorite mass surveillance law that EFF has been fighting since it was first passed in 2008. The law is currently set to expire on April 19. 

Yesterday’s decision not to decide is good news, at least temporarily. Once again, a bipartisan coalition of law makers—led by Rep. Jim Jordan and Rep. Jerrold Nadler—has staved off the worst outcome of expanding 702 mass surveillance in the guise of “reforming” it. But the fight continues and we need all Americans to make their voices heard. 

Use this handy tool to tell your elected officials: No reauthorization of 702 without drastic reform:

Take action

TELL congress: 702 Needs serious reforms

Yesterday’s vote means the House also will not consider amendments to Section 702 surveillance introduced by members of the House Judiciary Committee (HJC) and House Permanent Select Committee on Intelligence (HPSCI). As we discuss below, while the HJC amendments would contain necessary, minimum protections against Section 702’s warrantless surveillance, the HPSCI amendments would impose no meaningful safeguards upon Section 702 and would instead increase the threats Section 702 poses to Americans’ civil liberties.

Section 702 expressly authorizes the government to collect foreign communications inside the U.S. for a wide range of purposes, under the umbrellas of national security and intelligence gathering. While that may sound benign for Americans, foreign communications include a massive amount of Americans’ communications with people (or services) outside the United States. Under the government’s view, intelligence agencies and even domestic law enforcement should have backdoor, warrantless access to these “incidentally collected” communications, instead of having to show a judge there is a reason to query Section 702 databases for a specific American's communications.

Many amendments to Section 702 have recently been introduced. In general, amendments from members of the HJC aim at actual reform (although we would go further in many instances). In contrast, members of HPSCI have proposed bad amendments that would expand Section 702 and undermine necessary oversight. Here is our analysis of both HJC’s decent reform amendments and HPSCI’s bad amendments, as well as the problems the latter might create if they return.

House Judiciary Committee’s Amendments Would Impose Needed Reforms

The most important amendment HJC members have introduced would require the government to obtain court approval before querying Section 702 databases for Americans’ communications, with exceptions for exigency, consent, and certain queries involving malware. As we recently wrote regarding a different Section 702 bill, because Section 702’s warrantless surveillance lacks the safeguards of probable cause and particularity, it is essential to require the government to convince a judge that there is a justification before the “separate Fourth Amendment event” of querying for Americans’ communications. This is a necessary, minimum protection and any attempts to renew Section 702 going forward should contain this provision.

Another important amendment would prohibit the NSA from resuming “abouts” collection. Through abouts collection, the NSA collected communications that were neither to nor from a specific surveillance target but merely mentioned the target. While the NSA voluntarily ceased abouts collection following Foreign Intelligence Surveillance Court (FISC) rulings that called into question the surveillance’s lawfulness, the NSA left the door open to resume abouts collection if it felt it could “work that technical solution in a way that generates greater reliability.” Under current law, the NSA need only notify Congress when it resumes collection. This amendment would instead require the NSA to obtain Congress’s express approval before it can resume abouts collection, which―given this surveillance's past abuses—would be notable.

The other HJC amendment Congress should accept would require the FBI to give a quarterly report to Congress of the number of queries it has conducted of Americans’ communications in its Section 702 databases and would also allow high-ranking members of Congress to attend proceedings of the notoriously secretive FISC. More congressional oversight of FBI queries of Americans’ communications and FISC proceedings would be good. That said, even if Congress passes this amendment (which it should), both Congress and the American public deserve much greater transparency about Section 702 surveillance.  

House Permanent Select Committee on Intelligence’s Amendments Would Expand Section 702

Instead of much-needed reforms, the HPSCI amendments expand Section 702 surveillance.

One HPSCI amendment would add “counternarcotics” to FISA’s definition of “foreign intelligence information,” expanding the scope of mass surveillance even further from the antiterrorism goals that most Americans associate with FISA. In truth, FISA’s definition of “foreign intelligence information” already goes beyond terrorism. But this counternarcotics amendment would further expand “foreign intelligence information” to allow FISA to be used to collect information relating to not only the “international production, distribution, or financing of illicit synthetic drugs, opioids, cocaine, or other drugs driving overdose deaths” but also to any of their precursors. Given the massive amount of Americans’ communications the government already collects under Section 702 and the government’s history of abusing Americans’ civil liberties through searching these communications, the expanded collection this amendment would permit is unacceptable.

Another amendment would authorize using Section 702 to vet immigrants and those seeking asylum. According to a FISC opinion released last year, the government has sought some version of this authority for years, and the FISC repeatedly denied it—finally approving it for the first time in 2023. The FISC opinion is very redacted, which makes it impossible to know either the current scope of immigration and visa-related surveillance under Section 702 or what the intelligence agencies have sought in the past. But regardless, it’s deeply concerning that HPSCI is trying to formally lower Section 702 protections for immigrants and asylum seekers. We’ve already seen the government revoke people’s visas based upon their political opinions—this amendment would put this kind of thing on steroids.

The last HPSCI amendment tries to make more companies subject to Section 702’s required turnover of customer information in more instances. In 2023, the FISC Court of Review rejected the government’s argument that an unknown company was subject to Section 702 for some circumstances. While we don’t know the details of the secret proceedings because the FISC Court of Review opinion is heavily redacted, this is an ominous attempt to increase the scope of providers subject to 702. With this amendment, HPSCI is attempting to legislatively overrule a court already famously friendly to the government. HPSCI Chair Mike Turner acknowledged as much in a House Rules Committee hearing earlier this week, stating that this amendment “responds” to the FISC Court of Review’s decision.

What’s Next 

This hearing was unlikely to be the last time Congress considers Section 702 before April 19—we expect another attempt to renew this surveillance authority in the coming days. We’ve been very clear: Section 702 must not be renewed without essential reforms that protect privacy, improve transparency, and keep the program within the confines of the law. 

Take action

TELL congress: 702 Needs serious reforms

When EFF set out to map surveillance technology along the U.S.-Mexico border, we weren't exactly sure how to do it. We started with public records—procurement documents, environmental assessments, and the like—which allowed us to find the GPS coordinates of scores of towers. During a series of in-person trips, we were able to find even more. Yet virtual reality ended up being one of the key tools in not only discovering surveillance at the border, but also in educating people about Customs & Border Protection's so-called "virtual wall" through VR tours.

EFF Director of Investigations Dave Maass recently gave a lightning talk at University of Nevada, Reno's annual XR Meetup explaining how virtual reality, perhaps ironically, has allowed us to better understand the reality of border surveillance.

%3Ciframe%20width%3D%22560%22%20height%3D%22315%22%20src%3D%22https%3A%2F%2Fwww.youtube.com%2Fembed%2FwEolW4-b6Dw%3Fsi%3DfeR80hnnRLET4VpX%26autoplay%3D1%26mute%3D1%22%20title%3D%22YouTube%20video%20player%22%20frameborder%3D%220%22%20allow%3D%22accelerometer%3B%20autoplay%3B%20clipboard-write%3B%20encrypted-media%3B%20gyroscope%3B%20picture-in-picture%3B%20web-share%22%20referrerpolicy%3D%22strict-origin-when-cross-origin%22%20allowfullscreen%3D%22%22%3E%3C%2Fiframe%3E Privacy info. This embed will serve content from youtube.com

Twelve years ago, internet users spoke up with one voice to reject a law that would build censorship into the internet at a fundamental level. This week, the Motion Picture Association (MPA), a group that represents six giant movie and TV studios, announced that it hoped we’d all forgotten how dangerous this idea was. The MPA is wrong. We remember, and the internet remembers.

What the MPA wants is the power to block entire websites, everywhere in the U.S., using the same tools as repressive regimes like China and Russia. To it, instances of possible copyright infringement should be played like a trump card to shut off our access to entire websites, regardless of the other legal speech hosted there. It is not simply calling for the ability to take down instances of infringement—a power they already have, without even having to ask a judge—but for the keys to the internet. Building new architectures of censorship would hurt everyone, and doesn’t help artists.

The bills known as SOPA/PIPA would have created a new, rapid path for copyright holders like the major studios to use court orders against sites they accuse of infringing copyright. Internet service providers (ISPs) receiving one of those orders would have to block all of their customers from accessing the identified websites. The orders would also apply to domain name registries and registrars, and potentially other companies and organizations that make up the internet’s basic infrastructure. To comply, all of those would have to build new infrastructure dedicated to site-blocking, inviting over-blocking and all kinds of abuse that would censor lawful and important speech.

In other words, the right to choose what websites you visit would be taken away from you and given to giant media companies and ISPs. And the very shape of the internet would have to be changed to allow it.

In 2012, it seemed like SOPA/PIPA, backed by major corporations used to getting what they want from Congress, was on the fast track to becoming law. But a grassroots movement of diverse Internet communities came together to fight it. Digital rights groups like EFF, Public Knowledge, and many more joined with editor communities from sites like Reddit and Wikipedia to speak up. Newly formed grassroots groups like Demand Progress and Fight for the Future added their voices to those calling out the dangers of this new form of censorship. In the final days of the campaign, giant tech companies like Google and Facebook (now Meta) joined in opposition as well.

What resulted was one of the biggest protests ever seen against a piece of legislation. Congress was flooded with calls and emails from ordinary people concerned about this steamroller of censorship. Members of Congress raced one another to withdraw their support for the bills. The bills died, and so did site blocking legislation in the US. It was, all told, a success story for the public interest.

Even the MPA, one of the biggest forces behind SOPA/PIPA, claimed to have moved on. But we never believed it, and they proved us right time and time again. The MPA backed site-blocking laws in other countries. Rightsholders continued to ask US courts for site-blocking orders, often winning them without a new law. Even the lobbying of Congress for a new law never really went away. It’s just that today, with MPA president Charles Rivkin openly calling on Congress “to enact judicial site-blocking legislation here in the United States,” the MPA is taking its mask off.

Things have changed since 2012. Tech platforms that were once seen as innovators have become behemoths, part of the establishment rather than underdogs. The Silicon Valley-based video streamer Netflix illustrated this when it joined MPA in 2019. And the entertainment companies have also tried to pivot into being tech companies. Somehow, they are adopting each other’s worst aspects.

But it’s important not to let those changes hide the fact that those hurt by this proposal are not Big Tech but regular internet users. Internet platforms big and small are still where ordinary users and creators find their voice, connect with audiences, and participate in politics and culture, mostly in legal—and legally protected—ways. Filmmakers who can’t get a distribution deal from a giant movie house still reach audiences on YouTube. Culture critics still reach audiences through zines and newsletters. The typical users of these platforms don’t have the giant megaphones of major studios, record labels, or publishers. Site-blocking legislation, whether called SOPA/PIPA, “no fault injunctions,” or by any other name, still threatens the free expression of all of these citizens and creators.

No matter what the MPA wants to claim, this does not help artists. Artists want their work seen, not locked away for a tax write-off. They wanted a fair deal, not nearly five months of strikes. They want studios to make more small and midsize films and to take a chance on new voices. They have been incredibly clear about what they want, and this is not it.

Even if Rivkin’s claim of an “unflinching commitment to the First Amendment” was credible from a group that seems to think it has a monopoly on free expression—and which just tried to consign the future of its own artists to the gig economy—a site-blocking law would not be used only by Hollywood studios. Anyone with a copyright and the means to hire a lawyer could wield the hammer of site-blocking. And here’s the thing: we already know that copyright claims are used as tools of censorship.

The notice-and-takedown system created by the Digital Millennium Copyright Act, for example, is abused time and again by people who claim to be enforcing their copyrights, and also by folks who simply want to make speech they don’t like disappear from the Internet. Even without a site-blocking law, major record labels and US Immigration and Customs Enforcement shut down a popular hip hop music blog and kept it off the internet for over a year without ever showing that it infringed copyright. And unscrupulous characters use accusations of infringement to extort money from website owners, or even force them into carrying spam links.

This censorious abuse, whether intentional or accidental, is far more damaging when it targets the internet’s infrastructure. Blocking entire websites or groups of websites is imprecise, inevitably bringing down lawful speech along with whatever was targeted. For example, suits by Microsoft intended to shut down malicious botnets caused thousands of legitimate users to lose access to the domain names they depended on. There is, in short, no effective safeguard on a new censorship power that would be the internet’s version of police seizing printing presses.

Even if this didn’t endanger free expression on its own, once new tools exist, they can be used for more than copyright. Just as malfunctioning copyright filters were adapted into the malfunctioning filters used for “adult content” on tumblr, so can means of site blocking. The major companies of a single industry should not get to dictate the future of free speech online.

Why the MPA is announcing this now is anyone’s guess. They might think no one cares anymore. They’re wrong. Internet users rejected site blocking in 2012 and they reject it today.