Is the Justice Department Even Following Its Own Policy in Cybercrime Prosecution of a Journalist?

2 months 3 weeks ago

Following an FBI raid of his home last year, the freelance journalist Tim Burke has been arrested and indicted in connection with an investigation into leaks of unaired footage from Fox News. The raid raised questions about whether Burke was being investigated for First Amendment-protected journalistic activities, and EFF joined a letter calling on the Justice Department to explain whether and how it believed Burke had actually engaged in wrongdoing. Although the government has now charged Burke, these questions remain, including whether the prosecution is consistent with the DOJ’s much-vaunted policy for charging criminal violations of the Computer Fraud and Abuse Act (CFAA).

The indictment centers on actions by Burke and an alleged co-conspirator to access two servers belonging to a sports network and a television livestreaming service respectively. In both cases, Burke is alleged to have used login credentials that he was not authorized to use, making the access “without authorization” under the CFAA. In the case of the livestream server, he is also alleged to have downloaded a list of unique, but publicly available URLs corresponding to individual news networks’ camera feeds and copied content from the streams, in further violation of the CFAA and the Wiretap Act. However, in a filing last year seeking the return of devices seized by the FBI, Burke’s lawyers argued that the credentials he used to access the livestream server were part of a “demo” publicly posted by the owner of the service, and therefore his use was not “unauthorized.”

Unfortunately, concepts of authorization and unauthorized access in the CFAA are exceedingly murky. EFF has fought for years—with some success—to bring the CFAA in line with common sense notions of what an anti-hacking law should prohibit: actually breaking into private computers. But the law remains vague, too often allowing prosecutors and private parties to claim that individuals knew or should have known what they were doing was unauthorized, even when no technical barrier prevented them from accessing a server or website.

The law’s vagueness is so apparent that in the wake of Van Buren v. United States, a landmark Supreme Court ruling overturning a CFAA prosecution, even the Justice Department committed to limiting its discretion in prosecuting computer crimes. EFF felt that these guidelines could have gone further, but we held out hope that they would do some work in protecting people from overbroad use of the CFAA.

Mr. Burke’s prosecution shows the DOJ needs to do more to show that its charging policy prevents CFAA misuse. Under the guidelines, the department has committed to bringing CFAA charges only in specific instances that meet all of the following criteria:

  • the defendant’s access was not authorized “under any circumstances”
  • the defendant knew of the facts that made the access without authorization
  • the prosecution serves “goals for CFAA enforcement”

If Mr. Burke merely used publicly available demo credentials to access a list of public livestreams which were themselves accessible without a username or password, the DOJ would be hard-pressed to show that the access was unauthorized under any circumstances and he actually knew that.

This is only one of the concerning aspects of the Burke indictment. In recent years, there have been several high-profile incidents involving journalists accused of committing computer crimes in the course of their reporting on publicly available material. As EFF argued in an amicus brief in one of these cases, vague and overbroad applications of computer crime laws threaten to chill a wide range of First Amendment protected activities, including reporting on matters of public interest. We’d like to see these laws—state and federal—be narrowed to better reflect how people use the Internet and to remove the ability of prosecutors to bring charges where the underlying conduct is nothing more than reporting on publicly available material.

Related Cases: Van Buren v. United States
Andrew Crocker

Tell Congress: They Must Defeat HPSCI’s Horrific Surveillance Bill

2 months 3 weeks ago

The House Permanent Select Committee on Intelligence (HPSCI) has introduced the FISA Reform and Reauthorization Act of 2023–an absolutely awful bill that ignores years of abuse and unconstitutional surveillance in order to renew a mass surveillance law with no real changes, reforms, or new oversight.

Section 702 of the Foreign Intelligence Surveillance Act is set to expire on December 31, 2023, and there is currently a race to see what bill will renew Big Brother’s favorite surveillance law. Any reauthorizations must come with significant reforms in order to protect the privacy of people’s communications. To that end, the choice is clear - we urge all Members to vote NO on the Intelligence Committee’s bill, H.R.6611, the FISA Reform and Reauthorization Act of 2023.

Electronic Frontier Foundation

NSA Spying Shirts Are Back Just In Time to Tell Congress to Reform Section 702

2 months 3 weeks ago

We’ve been challenging the National Security Agency's mass surveillance of ordinary people since we first became aware of it nearly twenty years ago. Since then, tens of thousands of supporters have joined the call to fight what became Section 702 of the FISA Amendments Act, a law which was supposed to enable overseas surveillance of specific targets, but has become a backdoor way of mass spying on the communications of people in the U.S. Now, Section 702 is back up for a major renewal since it was last approved in 2018, and we need to pull out all the stops to make sure it is not renewed without massive reforms and increased transparency and oversight. 

Section 702 is up for renewal, so we decided our shirts should reflect the ongoing fight. For the first time in a decade, our popular NSA Spying shirts are back, with an updated EFF logo and design. The image of the NSA's glowering, red-eyed eagle using his talons to tap into your data depicts the collaboration of telecommunication companies with the NSA - a reference to our Hepting v. AT&T and Jewel v. NSA warrantless wiretapping cases. Every purchase helps EFF’s lawyers and activists stop the spying and unplug big brother.

Get your shirt in our shop today

Wear this t-shirt to proudly let everyone know that it’s time to rein in mass surveillance. And if you haven’t yet, let your representatives know today to Stop the Spying. 

EFF is a member-supported nonprofit and we value your contributions deeply. Financial support from people like you has allowed EFF to educate the public, reach out to lawmakers, organize grassroots action, and challenge threats to digital freedom at every turn.  Join the cause now to fight government secrecy and end illegal surveillance!

EFF is a U.S. 501(c)(3) organization and donations are tax deductible to the full extent provided by law.

Jason Kelley

[NHK] String of Scandals Shakes Trust; Oversight Functions Also Failing; Abrupt Personnel Reforms, Falling Morale and Loss of Talent = 小滝一志

2 months 3 weeks ago
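Last December, too, a series of scandals came to light at the public broadcaster NHK. On the 21st, NHK's Public Relations Bureau announced one-month suspensions for three employees who had taken internal audit materials out in violation of regulations. The contents of the leaked materials have not been disclosed. On the 19th, it announced that a reporter in their 30s in the Social Affairs Division of the News Department had fraudulently claimed private food and drink expenses as reporting costs in 410 instances totaling 7.89 million yen. The third-party committee set up by NHK stated that "not only insufficient management activity and insufficient monitoring as an organization, but also a lack of ethics among NHK employees was one of the causes that led to the incident" and "the head of the News Department and..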
JCJ

Unregulated, Exploitative, and on the Rise: Vera Institute's Report on Electronic Monitoring

2 months 3 weeks ago

Incarceration rates in the United States have long been among the highest in the world, and in response to the systemic flaws and biases unveiled by the renewed scrutiny of the criminal legal system, many advocates have championed new policies aimed at reducing sentences and improving conditions in prisons. Some have touted the use of electronic monitoring (EM) as an alternative fix to ensure that people whose cases have yet to be adjudicated are not physically detained. Unsurprisingly, those most often making these claims are the for-profit firms offering EM technology and the governmental agencies they contract with, and there is little data to back them up. In a new report, the Vera Institute of Justice provides the most detailed data yet showing that these claims don’t match reality, and outlines a number of issues with how EM is administered across the country.

Another Private Sector Wild West

According to interviews and an analysis of policies across hundreds of jurisdictions, the Vera Institute found that the use of EM was an unregulated patchwork across counties, states, and the federal government. As private firms market new products, the level of testing and quality assurance has failed to keep up with the drive to get contracts with local and state law enforcement agencies. Relying on technology produced by such a disordered industry can lead to reincarceration due to faulty equipment, significantly increased surveillance on those being monitored and their household, and more onerous requirements for people under EM than when dealing with probation or parole officers.

Even the question of jurisdictional authority is a mess. The Vera Institute explains that agencies frequently rely on private firms that further subcontract out the hardware or software, and individuals in rural areas can create profitable businesses for themselves that only serve as a middleman between the criminal justice system and the hardware and software vendors. The Vera Institute suggests that this can lead to corruption, including the extortion by these small subcontractors of people held on EM, often with no oversight or public sector transparency. That presents a problem to the data collection, public records requests, and other investigative work that policymakers, advocates, and journalists rely on to find the truth and inform policy.

Further, the costs of EM are frequently passed on to the people forced to use it, sometimes regardless of whether they have the means to pay, whether the EM is an obstacle to their employment, or whether they are under monitoring pre-trial (where presumption of innocence should apply) or post-sentencing (after a guilty verdict). And these costs don’t necessarily buy them greater “liberty,” as many forms of hardware or app-based software increased around-the-clock surveillance at the hands of private firms, once again with little to no oversight or ability to access data through public records requests.

ICE doubles down on electronic monitoring

According to the Vera Institute’s estimates, from 2017 onwards the single largest user of EM in the United States has been Immigration and Customs Enforcement (ICE) as part of its Alternative To Detention (ATD) programs. And in the last few years, that usage has skyrocketed: Vera’s report states that between 2021 and 2022, the number of adults under ICE's EM program more than tripled, from 103,900 to 360,000.

For those currently under ICE’s EM surveillance, their experience is primarily dictated by a single company: BI Incorporated, from whom ICE has purchased all its EM infrastructure since 2004. While BI’s offerings have recently shifted away from the GPS-enabled ankle monitors known to shock and cut their users towards smartphone apps and smartwatches, a 2022 investigation from The Guardian revealed that monitored people experience a lack of technical support from BI, frequent bugs that can prevent them from complying with mandatory check-ins, and few protocols for how their issues are handled.

On top of all of these issues, a 2022 joint investigation led by Just Futures Law claims that ICE and BI’s policies for collecting and retaining people’s sensitive data are overbroad and self-contradictory. The uncovered documents showed vast amounts of extremely private information (including biometrics, location data, data about people’s contacts and communities, and more) were collected and potentially retained by ICE for up to 75 years. One document (p. 123) revealed that data collected by ATD programs can be used for mass arrests, as in the case of a Manassas, Virginia office sharing geolocation data with ICE to arrest 40 people.

Given that the average individual will spend 558.5 days in an ATD program, this gives ICE access to a dizzying amount of highly sensitive data for decades to come; data which can be (and has been) used to arrest and deport people.

No trend of correlation between electronic monitoring and decrease in physical detention

The Vera Institute found no general trend across jurisdictions that usage of EM led to a decrease in the physically incarcerated population. While the Vera Institute noted a tenfold increase in the number of individuals subjected to EM between 2005 and 2022, the physically incarcerated population only decreased by about 15%. Moreover, the incarcerated population decline is in large part due to COVID-19 directives, and it's unclear whether the downward trend will continue absent those restrictions.

Similarly, despite ICE’s use of EM being dubbed an “alternative to detention” (ATD), the rise of ATD program budgets has not coincided with a decrease in detention. Meanwhile, the programs have historically been used on “individuals who have been released from detention or who were never detained in the first place,” meaning they affect those who would otherwise be free from physical detention.

Notably, EM technology has become more invasive and extensive. Traditional EM technology consisted of wearable devices equipped with Global Positioning System (GPS), radio frequency (RF), or Secure Continuous Remote Alcohol Monitoring (SCRAM) capabilities. However, newer technologies used by ICE and the criminal justice system may additionally employ facial recognition technology, voice recognition technology, and the gathering of real-time location tracking and various other biometrics via independent devices or mobile phone applications.

The lack of correlation between EM and decarceration and the advancement in EM technology suggests that EM, rather than serving as an alternative to detention, is merely another tool in the government's arsenal of carceral control. 

Decreasing carceral control

And yet, it is possible to decrease the population subject to physical incarceration as well as that on EM. In response to the social distancing requirements at the beginning of the COVID-19 epidemic, Salt Lake City released hundreds of people, decreasing the number of people in the Salt Lake County jail by 45%. Because the Sheriff’s Prison Labor Detail program, which administers EM for those in jail on low-level and nonviolent offenses, draws its participants from those still in Salt Lake City jails, the drop in jail population similarly affected EM eligibility.

This simultaneous reduction in both the physically incarcerated population and those subject to EM contrasted with other jurisdictions’ programs, which saw a sharp spike in the number of individuals subjected to EM in the wake of COVID-19, such as that by the Federal Bureau of Prisons.

Portland, Oregon was another location in which the jail population and EM population fell concurrently. In the wake of the killings of George Floyd and Breonna Taylor, the Multnomah County Department of Community Justice found that EM had a disproportionate impact on communities of color. This led Portland officials to express a desire to pause resuming pre-pandemic levels of EM, which they recognized perpetuates the same obstacles to freedom and injustice as our carceral system and “generally has few rehabilitative benefits.”

A worrying trend gets worse

Electronic monitoring is an all-encompassing form of surveillance for the person being monitored. It tracks every movement they make, records some of the most private data from their daily life, and effectively serves as a “form of incarceration that happens outside of prison walls.” And like other types of prison tech in the United States, it’s largely unregulated, disproportionately targeted at Black and Brown people and immigrant communities, and exploitative of the people it claims to serve. It also fails to address many of the problems its advocates and marketers claim it solves. Despite being touted as an alternative to incarceration, EM frequently targets people who would otherwise not be detained. Despite being sold as a cost-saving measure, its price is often paid by those forced to use it.

Electronic monitoring generally requires some forms of data collection, and usually this involves some of the most sensitive data we produce: biometric, location, and personally identifying information. Some EM apps go beyond collecting what’s absolutely necessary from a user’s phone, and many include language in their privacy policies that allows for sharing data for marketing purposes, as well as with law enforcement without a warrant. This amount of data collection and sharing is appalling even when a user can fully consent to an app’s terms, much less when someone is coerced by the state to comply with them. ICE’s data collection and retention policies are particularly odious, and the 75-year retention policy for EM data should be revised.

The recent explosion in the popularity of EM, especially within ICE’s ATD programs, continues a disturbing trend. The Vera Institute’s report helps to shine a light on this pervasive and unregulated industry, but it shouldn’t be this hard to determine how prevalent EM’s use is. People have the right to know how their criminal justice system functions, and that right extends to the private companies who profiteer from it. The report concludes by suggesting a number of policy recommendations, including national reporting requirements for EM's use, prohibition of private vendors running EM programs, and an elimination of user fees. We think these represent the minimum of what must be done: lawmakers must do much more to protect people from privacy violations and ensure that EM doesn't extend the harms of incarceration to those who would otherwise be free from physical detention.

Hannah Zhao