EFF to Supreme Court: Put Texas Social Media Law Back on Hold

Users Should Be Able to Choose Among Platforms With Different Moderation Policies

WASHINGTON, D.C.—The Electronic Frontier Foundation (EFF) today urged the U.S. Supreme Court to halt enforcement of Texas’ constitutionally questionable social media law, which allows the state to dictate what speech platforms must publish and may lead to more, not less, censorship of user expression as platforms face a storm of lawsuits.

EFF, joined by the Center for Democracy and Technology, the National Coalition Against Censorship, R Street Institute, the Wikimedia Foundation, and the Woodhull Freedom Foundation, said in an amicus brief filed today that the U.S. Court of Appeals for the Fifth Circuit erred last week when it lifted, without explanation, an injunction barring enforcement of the law. The order was put in place by a district court that found the law violated platforms’ First Amendment rights to curate content on their sites as they see fit.

Texas HB 20 prohibits Twitter, Facebook, and other big social media platforms from “censor[ing] a user, a user’s expression or a user’s ability to receive the expression of another person” based on the speaker’s viewpoint, whether expressed on or off the site, which covers nearly all common content moderation practices. It allows Texas residents or the state attorney general to sue platforms for any kind of negative treatment of a user or a post, including taking down or down-ranking posts, and suspending, shadow-banning, or canceling accounts.

The Supreme Court must consider whether the district court’s order was in the public interest and whether it correctly applied accepted standards. EFF argues that the Fifth Circuit’s ruling is wrong because what it defines as censorship are well-established practices designed to serve users’ interests. Users are best served when they can choose among social media platforms with different editorial policies. While content moderation at scale is difficult to get right, it blocks content that some users don’t want to see, like personal abuse and harassment, hateful speech, promotion of suicide and self-harm, and glorification of Nazi ideology.

Content moderation practices that can be construed as viewpoint-based, which is virtually all of them, are barred under HB 20, so platforms will have to drop or alter them in ways that harm users’ interests.

“Almost any decision they make is going to be perceived as a response to someone’s viewpoint,” said EFF Civil Liberties Director David Greene. “This will lead to a flood of lawsuits before the court has even ruled on the law’s constitutionality.”

“Some platforms may stop moderating and allow abusive speech back on their sites. And others may take down even more speech to try to defeat the impression that they are being biased. Either way, internet users, and particularly vulnerable and marginalized speakers, will suffer,” Greene said.

Tech industry groups NetChoice and the Computer and Communications Industry Association (CCIA) sued Texas last year to block the law. The plaintiffs today filed an emergency application with the Supreme Court asking justices to overturn the appeals court ruling.

For the brief:

SCOTUS Docket for NetChoice v. Paxton

Contact: David Greene, Civil Liberties Director, davidg@eff.org
Karen Gullo

Podcast Episode: An AI Hammer in Search of a Nail


It often feels like machine learning experts are running around with a hammer, looking at everything as a potential nail - they have a system that does cool things and is fun to work on, and they go in search of things to use it for. But what if we flip that around and start by working with people in various fields - education, health, or economics, for example - to clearly define societal problems, and then design algorithms providing useful steps to solve them?

Rediet Abebe, a researcher and professor of computer science at UC Berkeley, spends a lot of time thinking about how machine learning functions in the real world, and working to make the results of machine learning processes more actionable and more equitable.

Abebe joins EFF's Cindy Cohn and Danny O’Brien to discuss how we redefine the machine learning pipeline - from creating a more diverse pool of computer scientists to rethinking how we apply this tech for the betterment of society’s most marginalized and vulnerable - to make real, positive change in people’s lives.



This episode is also available on the Internet Archive.

In this episode you’ll learn about:

  • The historical problems with the official U.S. poverty measurement 
  • How machine learning can (and can’t) lead to more just verdicts in our criminal courts
  • How equitable data sharing practices could help nations and cultures around the world
  • Reconsidering machine learning’s variables to maximize for goals other than commercial profit

Rediet Abebe is an Assistant Professor of Computer Science at the University of California, Berkeley, a Junior Fellow at the Harvard Society of Fellows, and a 2022 Andrew Carnegie Fellow who conducts research in the fields of algorithms and artificial intelligence with a focus on inequality and distributive justice concerns. She serves on the Executive Committee for the ACM Conference on Equity and Access in Algorithms, Mechanisms, and Optimization and was a Program Co-Chair for the inaugural conference. She also co-founded and co-organized the related MD4SG (Mechanism Design for Social Good) research initiative as well as the non-profit organization Black in AI, where she sits on the Board of Directors and co-leads the Academic Program. She earned a Bachelor’s degree in Mathematics and a Master’s degree in Computer Science from Harvard University, a Master of Advanced Studies in Mathematics from the University of Cambridge, and a Ph.D. in Computer Science from Cornell University.


Music for How to Fix the Internet was created for us by Reed Mathis and Nat Keefe of BeatMower. 

This podcast is licensed Creative Commons Attribution 4.0 International, and includes music licensed Creative Commons Attribution 3.0 Unported by its creators.


Resources:

  • Machine Learning and AI
  • Transparency and Inclusivity in AI
  • Probabilistic Genome Cases
  • Personal Ownership of Your Data


Rediet: It's about how we build these tools, it's about how we conceptualize our role within society and within these different types of spaces, like the criminal legal space, and saying: what do we think is the thing that we would like to see? What should our society look like? What would a just system look like? What would a more equitable community look like, in anything, in academic spaces and research spaces and just broadly? And then say, what will we need to do to get there? And sometimes what we need to do is to step back and say, I think that I'm not going to be helpful, and so I'm not going to try to center myself. Sometimes it's building things that will challenge things that we've already built, or that will challenge other communities. And other times it's just being good community members and just showing up. It could literally save lives.

Cindy: That's our guest Rediet Abebe. Rediet is a researcher and professor of computer science at UC Berkeley, where she's working on how to make the results of machine learning processes more actionable and more equitable.

Danny: She's also the co-founder of Black in AI and MD4SG, that's Mechanism Design for Social Good. She's going to shine a light on the way forward.

Cindy: I'm Cindy Cohn, EFF's Executive Director.

Danny: And I'm Danny O'Brien. Welcome to How to Fix the Internet. A podcast of the Electronic Frontier Foundation.

Cindy: Welcome Rediet.

Rediet: Thank you for having me.

Cindy: Rediet, you spend a lot of time thinking about how machine learning works in the real world and how we can make sure that we're using it for good purposes and not bad. Could you give us some examples of good uses of machine learning that you've identified, and then we can unpack what goes into that?

Rediet: A lot depends on the decisions that you make as, let's say, a researcher: how you understand social problems, how you choose to formulate them as machine learning or algorithmic problems, how you then choose to work on them, and, whatever outcome you have, how you choose to deploy it.

And so, the same set of techniques could be used to do a lot of good or a lot of harm. A lot of my research these days is now really focused on taking the machine learning pipeline that we traditionally have within this community and expanding it, also taking responsibility for stages of that pipeline that are considered often outside of our scope of responsibility, which include translating social problems into the types of research problems that we would typically work with, machine learning problems. But then also taking the output, and thinking critically about how that gets translated into practice, into some intervention, what impact it might have on communities. And so, a lot of the work that I'm doing is critically examining that from both a technical perspective, but just also from a practice perspective, and saying that we should be expanding the pipeline.

Cindy: We're fixing the internet now, so we can certainly talk about the problems, but I'd like to start with where things go right. If we did it right, or where have we done it right?

Rediet: We have this large-scale project that involves examining the use of machine learning in education. So, rather than diving in to build tools, which of course we're also working on, we wanted to do a survey, a holistic survey and analysis of how machine learning is used in education. And we identified education experts, and we sat with them and talked through the papers with them. We were like, "This paper's goal is, let's say, to predict student dropout. And the goal there would be not just to predict it, but also hopefully to do something about it, so that students are not dropping out of schools."

And so, that's an admirable goal, a goal that all of us can get behind. But that problem has to be concretely formulated into some machine learning problem, and then you have to find the right data set and all that, and now you have this prediction that you're doing around which students are going to drop out, and hopefully you get to translate that into some real-world intervention.

So, just taking this student dropout risk example, we had this interview with someone at a large state university that also struggles a lot with student dropout. One of the things that they mentioned was, "Okay, this paper is predicting which students are likely to drop out. What can we do with that? You tell me that some student is at high risk of dropping out; that's terrible. But in some sense, the deed is done." At that point you tell a student, "Hey, you're at high risk of dropping out." That's not necessarily useful to the student.

And if you tell the school that the student's dropping out, it doesn't necessarily tell them what they can do about it. And so, what he said was something subtle, but I really appreciated it. He said, "Instead of predicting which students are going to drop out, why don't you predict, for instance, which students are likely to miss class. They've already missed some number of classes, and maybe they're about to miss a third class or something." We know that if students are missing several classes, that's a sign that they might be at risk of dropping out. But missing classes is a more actionable thing. We can tell students, "Hey, I've noticed that you've been missing a lot of classes. I'm worried that you're going to miss more. What can we do here to support you to attend class?"

The point here is more subtle. You have your target variable, and that target variable could be dropout, or it could be something actionable, like missing classes. Schools can more easily do something about the latter; with the former, it's not as clear.
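Rediet's point about choosing an actionable target variable can be sketched in a few lines of code. Everything here, the student records, the field names, and the alert threshold, is invented for illustration and is not from any real system she describes:

```python
# Hypothetical student records; all names and numbers are invented.
students = [
    {"name": "A", "classes_missed": 0},
    {"name": "B", "classes_missed": 2},
    {"name": "C", "classes_missed": 4},
]

# Target choice 1: "will drop out" -- even a perfect prediction only labels
# a student; it doesn't say what anyone should do next.
# Target choice 2: "has missed two or more classes" -- an early, observable
# signal that staff can act on directly (reach out, offer support).
ALERT_THRESHOLD = 2

def needs_outreach(record):
    """Flag students whose absences have crossed the actionable threshold."""
    return record["classes_missed"] >= ALERT_THRESHOLD

flagged = [s["name"] for s in students if needs_outreach(s)]
print(flagged)  # students B and C would get a supportive check-in
```

The design choice is that the predicted quantity doubles as the intervention trigger: an absence count tells staff exactly what conversation to have, whereas a dropout probability does not.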

Danny: The giant machine comes up with a bleep and says this person is more likely to drop out, but it doesn't give you strong clues about how it came to that decision. And in many ways, I mean, this is an obvious example, I guess, but if kids are missing school, and that's something the system has learned is an early indicator, it's better to know what it's learned than to have it as this opaque machine that just claims these people are doomed.

Rediet: If I tell you, for instance, that a student's race is a partial explainer for dropout, there's nothing you can do about that. That's a fixed thing. Whereas a student missing classes being an issue, maybe there is something you can do about that. It showed me, in some sense, that we could be working on these problems in a more bottom-up way. You go to a university that has a lot of dropout issues, you talk to educators there and other staff supporting students, and you get a sense of what it is that they notice in the students. In some sense, they can just give you the problem, or you can collaboratively, in a participatory way, formulate the problem, rather than, as machine learning people, deciding what we want to solve and then, after we've solved it, hoping that's what they wanted us to solve.

Danny: To what degree do you think that this is a problem that's located in machine learning and the nature of, I don't know, computer science or this part of computer science, and how much is it just related to the societal fact that the people doing research or building these systems are often quite distant from and quite uninvolved with the people affected?

Rediet: A lot of research communities have this gap. For instance, you can take health. This is one space where we've made a lot of advances in improving health outcomes for people, but not for everyone. We've made very few advances for health issues that impact black people, trans individuals, you name it. Like marginalized communities. And so, this gap definitely exists in other spaces.

But there is also something special to the machine learning and AI space as well. It is a powerful set of technologies that is being built. There are a lot of resources that we have in machine learning and AI that are in some ways really unprecedented. There are a lot of organizations that are invested in it. And the other thing is also, the field is one of the least diverse fields out there.

I mean, that's just the fact. You can look at graduation patterns in undergraduate degrees, in graduate degrees. You can look at the faculty composition. In computer science in the U.S., among the PhD-granting institutions, there are something like over 5,000 faculty, and of those, fewer than a hundred are black, and something like fewer than 20 are black women. That's just one example. You look at Native Americans, it's in the single digits.

And so, it is a very homogenous community. As it stands right now, things are slightly improving. There's a really, really long way to go. And so, as long as our field, our research field continues to not be representative of the society that we're trying to impact, you're going to continue to have these gaps and these gaps are going to show up in our papers. And sometimes they show up in more subtle ways and other times they show up in not so subtle ways. And so, I think these issues around thinking about the community culture and who gets to be part of the community is really tightly integrated and intertwined with our research itself.

Cindy: I love this example, and I'm wondering, is there another one? Are there other places where you see how we could do it better, in ways that are actually either happening or in the pipeline?

Rediet: Yes. Right now we're actually focused a lot on understanding policy, public policy, and where things might be going wrong. So, just to give you one concrete example: right now, a lot of decisions around which services are going to be allocated to which individuals are made based off of measurements like the official poverty measurement in the U.S. And this official poverty measurement was something that was originally proposed by an economist, Mollie Orshansky, back in the sixties. So, this was over 50 years ago. It was really meant to be almost a proof of concept, a placeholder, not meant to be something that is generally applied. And she even explicitly said we should not be generally applying it. And we're using it almost unchanged, outside of maybe inflation adjustments, 50 years later.

Danny: Wow. 

Rediet: As time has gone on, things are getting harder and harder for a lot of communities. And so, there are many people who are, by any reasonable definition, struggling, but this official poverty measurement might not necessarily pick that up. So, you end up in situations where someone is really in need of services, and you use this very coarse, extremely outdated measurement, and you can't necessarily detect it in that way. One of the things that we are looking at is that there's a lot of evidence that predicting bad life outcomes, like, let's say, poverty, is hard. And we're seeing that, okay, part of the reason might be that the way that we measure poverty itself is very ill defined. It's extremely outdated.

If you have an official poverty measurement that is so low that it can't even reliably detect a lot of people who are struggling, then does it actually matter what you're predicting here? And so, in some ways we're using these machine learning techniques and these kinds of results, like "predicting life outcomes is hard," to really challenge public policy, and to say, hey, the way that we're measuring this thing is actually not good, we think.

Danny: In situations like that, how do you know that you are doing better? Do you anticipate a way that people could learn to change that and challenge that in the way you are challenging these earlier measurements?

Rediet: We are all feeding values into these systems; there's no neutral value. And so, in some sense what we're doing here is to say, the knee-jerk machine learning researcher reaction here may have been: you get some data, you're excited about the data, you're like, what can I predict here? And one of the things that you can predict is poverty. You're like, great, I'm going to try to predict poverty. And of course that assumes a lot of things. Like, as I mentioned, that the way we're measuring poverty is accurate or reasonable or useful. And that's a huge, huge assumption that you're making there. And so, what we did here is to challenge that in many ways. So, the first thing is, rather than just taking things as given, we were like, okay, why is this a measure of poverty? Let's go back to the literature in the public policy and sociology and economics space and understand what conversations are happening there.

And there, you notice that there is actually very robust conversation happening around how we should be measuring poverty. There's alternatives that have been proposed, like the Supplemental Poverty Measurement, which captures a whole host of other things, like material hardship that you might be facing; are you able to pay your utilities? Are you able to pay your rent, that stuff. This is not something that you can necessarily always capture using people's income. 
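The contrast Rediet draws between an income-only threshold and a measure that also counts material hardship can be sketched with invented numbers. The households, income figures, and threshold below are purely illustrative; the real Supplemental Poverty Measurement is far more detailed:

```python
# Invented example households; every number here is illustrative only.
households = [
    {"id": 1, "income": 12_000, "unpaid_utilities": True},
    {"id": 2, "income": 15_500, "unpaid_utilities": True},   # above the line, still struggling
    {"id": 3, "income": 40_000, "unpaid_utilities": False},
]

OFFICIAL_LINE = 14_000  # hypothetical income-only poverty threshold

def official_poor(h):
    """Income-only test, in the spirit of the 1960s official measure."""
    return h["income"] < OFFICIAL_LINE

def hardship_poor(h):
    """Broader test that also counts material hardship (e.g. unpaid
    utilities), in the spirit of the supplemental measure discussed above."""
    return h["income"] < OFFICIAL_LINE or h["unpaid_utilities"]

# Households the income-only measure misses entirely:
missed = [h["id"] for h in households if hardship_poor(h) and not official_poor(h)]
print(missed)
```

Household 2 is the case Rediet describes: struggling by any reasonable definition, but invisible to a measure that looks at income alone.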

And so, these are conversations that, if you stayed within the more traditional machine learning space, you might not necessarily be exposed to, unless you happen to be dealing with it as a person yourself. And so, we're challenging that by saying, hey, listen, we don't have to take things as given. We can go back and see what debates are happening out there, out in other fields, out in communities, out in policy spaces, and see how we can potentially contribute to that.

Cindy: It does feel sometimes like people who love machine learning are running around with this hammer, trying to make everything into a nail. "I've got this cool system, it's great, it can do stuff that feels like magic. Plus it's fun for me to work on. So, let me start looking around for things that I can use it for." And what I hear you saying is we really need to flip that around. We need to start with the people who are on the ground, what their problems are, and then make sure that the things that we're doing are actually giving them actionable steps. 

Cindy: In addition to making sure that the things we're using machine learning and algorithmic training techniques on are the good things, I think there's also a strain of concern that there are things we shouldn't be using these systems on at all. I know you've thought about that as well.

Rediet: We have this large-scale project we're working on, focused on statistical software used in the criminal legal system. It's used at pretrial, investigation, prosecution, post-trial. And we've been especially interested in statistical software used as evidence. So, these are cases where you could have something like a Probabilistic Genotyping Software that could be used on samples found at crime scenes and used to convict people. We really need to have a serious conversation on the machine learning side about what tools should even be used as evidence, because that's a really high bar.

Danny: How does that happen?   What's the process by which a machine learning approach or a system is put in place, and that leads to the wrongful conviction of a person?

Rediet: It could happen in several ways. So, one is just, even before you're brought to trial, you're not brought to trial just randomly. You don't pick up a random person off the street and say, "You're on trial today." There's a lot that happens, and a lot of statistical and machine learning tools are used up until that point to "identify the person," I'm putting that in quotations, and to make all sorts of decisions. There's also just the fact that in the U.S., we have incredible inequality and discrimination that surfaces in many different ways, including in what we criminalize. So, I think that's also important context to keep in mind. But what we're focused on in this project is specifically software used as evidence.

So, this is someone who's on trial for something, and there's a set of evidence that I, as the prosecution team, now get to present and say, this is why I think this person may have committed this crime. And that's used in discussions, and to make a decision around whether you think they committed the crime or not. And sometimes that can be a person. I could say, "Oh, I know, I totally saw Danny walking down the street at this hour," or something, and you get to question me, cross-examine me, and ask, "Is your eyesight good? Have you updated your prescription?" Any number of things.

And so, what happens is that I, as a prosecutor, get to just use some software that has not been properly validated, that is now spitting out some number, and we have to use that as evidence. And the defense might not necessarily have the ability to cross-examine that. And I get to bring witnesses, like the CEO of the organization, to say, "Oh, the software is actually awesome. Let me tell you a bunch of things."

Danny: It has the force of some scientific fact. So, someone will stand up and say, this shows that there's a one in a million chance that this isn't the defendant, and people believe that, but they can't challenge it. And the defense doesn't have the technical expertise to say, "Yes, but if his sister also touched it, wouldn't that change the thing?" I see.

Danny: “How to Fix the Internet” is supported by The Alfred P. Sloan Foundation’s Program in Public Understanding of Science. Enriching people’s lives through a keener appreciation of our increasingly technological world and portraying the complex humanity of scientists, engineers, and mathematicians.

Cindy: EFF has done a bunch of these probabilistic genome cases, working with the people in this space. And so, there's a threshold-level problem: often the company will claim a trade secret in how the technology works, which means that the defense doesn't have access to it at all. The second thing is that they will often point to papers about how great their system is that were written just by them. We've managed in a couple of cases to get access to the actual systems and have found horrific problems in them: that they're not actually very good, and that there's a finger on the scale in things. And sometimes it's just that it's poorly designed, not that anybody has evil intent. There's supposed to be a standard in the law called the Daubert Standard that makes sure that technologies introduced in cases have been vetted. And honestly, it's not being followed at the level of rigor that is needed right now.

Rediet: This is precisely what we're working on. And this is a joint project with a lot of amazing people, including Angela Zhen and John Miller, who are graduate students here at Berkeley, and Rebecca Wexler, who was an intern at EFF and is a close collaborator of mine, and Ludwig Schmidt and Moritz Hardt also. So, what we're working on here is precisely what you mentioned. You have this Daubert Standard that would be followed in a lot of different cases, but with statistical software used as evidence, right now, it's just not happening, I think. In the same way that, if someone is a witness and goes up to the stand and says a bunch of things, you're able to cross-examine them, you should also have that ability with statistical software. And currently, we don't actually have a framework for doing that.

The legal system in the U.S. is meant to have these two sides, one of which is meant to prove innocence and the other is meant to prove guilt. And the idea is that, in a situation where these two sides are equally resourced and all that stuff, then maybe you're able to go about this truth-seeking process in a more reliable way. But that's not what we have right now. There's a massive, massive imbalance. You have defense counsel who don't have the time, who don't have the resources, who don't have the energy to be able to challenge whatever the prosecution puts on the table. And then what? This is completely unjust. And you end up having a lot of people wrongfully convicted of crimes they didn't commit, and we're not doing anything about it.

Cindy: I think it's tremendously important. And I think it's also helpful to judges. I think judges often feel like-

Rediet: Absolutely.

Cindy: ... they are skeptical, or at least they want to be sure that they're relying on good evidence, but they don't have the tools to know what they don't know.

Rediet: Absolutely.

Cindy: So, I think that this is great for the defense, but it's also, I think, going to be helpful to the courts in general-

Rediet: Absolutely.

Cindy: ... to be able to have a way to think about: I'm being presented this information, how much should I rely on it, how should I-

Rediet: Reason.

Cindy:  Yeah.

Rediet: There are just a lot of different ways we could be involved. So, one of the things that is happening: there's this organization called PD Query, started by Dana Yow, who's a law student here at Berkeley. I think she's graduated now. PD Query matches public defenders with graduate students with technical training to do work that's maybe even straightforward for us, but could be really, really useful.

But you could really imagine scaling this up and doing something even bigger. So, one of the things that we could do now is to write cross-examination questions that help the defense side. You could write affidavits. You could write maybe even more generic affidavits that could be signed by experts in their respective areas. So, for the Probabilistic Genotyping Software, you could have a computer science professor and someone in population genetics saying, "Hey, this is what we understand about the tools, and these are the concerns that we have about them. Please proceed with caution in these types of situations." I think there's just so much the machine learning community could do, even just as community members saying, we have expertise, so we can try to help people. These are things that will literally save lives. I mean, people are put on death row for this. They will literally save communities and families, and avoid wrongful convictions, and challenge our unjust system as it exists.

Cindy: It hurts a lot of people, it hurts the defendants, but it also hurts the other people who might be hurt by the person who really needed to go to jail, who didn't go to jail. So, the whole endeavor of criminal justice is aided by truth, and that's what these interventions are.

Rediet: And may I add one more thing? I think one other common misconception, and I'm just assuming I have the ears of some people and I'm really trying to pitch something, but one more thing I want to mention is, I think an unspoken, sometimes I guess it is spoken, assumption is that when you're working in this area, it's technically less challenging. And let me tell you, I have never been more challenged than I have been in the past two years, technically, honestly. When I started graduate school, I was doing stuff that was a lot more standard, because I was like, "I want to get an academic job, so I'm just not going to rock the boat." And when I was doing stuff that was more standard, it was fun, but it was a lot simpler. This space is challenging in so many different ways.

Danny: I can see that one way you've gotten involved in connecting these dots is through creating your own institutions and organizations. So, let's talk a little bit about Black in AI and also Mechanism Design for Social Good.

Rediet: Mechanism Design for Social Good was started as a graduate student reading group in 2016. It was eight of us, a very small group of people. And we were just trying to read stuff and understand where we could be useful with the set of techniques that we had. And now, fast forward, I won't tell you the whole story, but fast forward to now: it's this much broader community. It's thousands of people in hundreds of different countries and institutions, and the scope is also broader.

Danny: Has the organization or your perceptions of the problems changed as it's become more global?

Rediet: There are so many instances of this. So, one of the things that came out of this community is this larger project we have on data practices, primarily in Africa. Here in the U.S., there are obvious issues in data sharing, but we've gotten a lot of things under control.

If you're thinking in, let's say, the Ethiopian context, where I'm from, I've seen situations where data has been shared that really should not have been shared. There was no data sharing agreement. It included people's personally identifying information, and it just got passed around. A lot of data generated on the continent ends up benefiting those based outside the continent, and especially those with no connections to the continent. And so, you have situations where literally those who collected the data, and those whose data is being collected, don't have ownership rights over the data, and are not even able to buy it like everyone else would.

You have situations like right now, where we're focused on open data, and of course open software too, but data is the stuff that we get excited about. But there's some irony here. When you make something open, that's not necessarily equitable. It favors people like myself, who have the ability to go and work with that data, to work with the complexities of the data, who have a lot of compute power. And so, that's not actually equitable either. You could still end up in a situation where open data from communities that are not given the resources could continue to just shut those communities out. So, it's not necessarily open in the sense that we would like to think that it is. So, lots of things that you could miss here really shape how I understand the data economy in various parts of the world.

Danny: This is something that I spent some time tracking at EFF, because it was a huge concern: what I felt was that, essentially, some countries and some regions were being used as guinea pigs for both data collection and data application.

Rediet: It's very disappointing and super common. I mean, it's incredibly common. And the common pattern you observe here is, again, this gap that I mentioned to you, between those who are building something, doing research, whatever it is, and the people actually affected by it. Because if you just talk to people, and you talk to them in such a way that they feel empowered, they'll let you know what's going to work and what's not going to work. And there are just so many things that you could get wrong. It's not even just the data collection. Even if we were to agree on the data set, there are concepts like privacy, for instance, that mean different things in different parts of the world.

Cindy: Give us a picture: what if we got this all right?

Rediet: Shut off the internet for a bit, let's all take a break and just come back in a year.

Cindy: We need to reboot it.

Danny: Just close it down for repairs.

Cindy: Let's say that. I mean, because I think that you've identified so many important pieces of a better world. Like looking at the whole pipeline of things, talking to the people who are impacted, making sure the people who are impacted don't just get told what's happening. And so, let's say we got all those things right, what values would we be embracing? What would be different about the world?

Rediet: So, I don't have the answers, which is good. I don't think anyone has the answers, but I have some things that I would start with. One of those things is that right now, a lot of what happens on the internet is profit driven. In many ways you can see how this primary goal of profit maximization is at the root of a lot of things that are going wrong. And that, of course, brings up questions around monopolies, and around what kinds of regulations we should be putting in place.

These are not technical questions, but they are incredibly important questions that, if we don't resolve them, nothing we do here will create a long-lasting impact. So, that's one thing. And then you have to decide, okay, what are the other values that we should be putting in? What are the things that we should potentially be maximizing for? And there, again, I don't think there's going to be a universal answer. I think that we have to embrace that different communities will need different things. And so, you have to figure out a way to move to a more decentralized framework, where one single entity does not get to impact billions of people the way it does now.

Unless we are able to figure out a way in which people are empowered, everyone is empowered, and especially those who are marginalized. Because when you're marginalized, it's not like we're all starting from the same place; it's that more things have gone wrong for the marginalized person. That is what that means. And so, we really have to focus on those communities and ways to empower them. We really need to think about how we can create that first. And then from there, good things will happen.

Cindy: It's important to note when things are getting better, but I don't think you have to say that things are getting better in order to try to envision a place where they are better. Too many people I talk to really think there's no better vision at all. And so, we want to give that better vision, because I don't think you can build a better world unless you can envision a better world. And we can be frank and brutal that we're not even headed toward that in some ways; we're headed against it in some places. That's why, even as we celebrate our victories, we have to recognize that not everything is headed in the right direction.

Rediet: And I appreciate what you're saying here about being able to articulate our vision for what a better world might be to ourselves, and to do so as precisely as we can. And then also to one another, so we can have a conversation about it as well. So, I appreciate that.

Cindy: Thank you so much for coming. This has been such a rich conversation about how we really rethink the way we do machine learning and algorithmic decision making, and I thank you so much for taking the time to talk to us.

Rediet: Thank you so much, Cindy and Danny.

Cindy: Well, that was a fascinating conversation. I really appreciate how she thinks about making sure machine learning gives actionable information, that we go beyond just "can we predict something?" And I think she's right that sometimes we actually can't predict something when we think we can, but more importantly, that our predictions need to move into actionable information. There's a difference between just telling an educator that a student is at risk of dropping out and telling the educator to watch for how many times that student misses class. Those are two different inquiries, and recognizing the difference between them is really important.

Danny: These are long-standing challenges about applying new academic or computer science techniques to the real world. I love the story about how, as she was investigating how people measure poverty, she realized she had found the embers of a 1960s research project that had been taken far too seriously, even though the researchers at the time were trying to signal that it was tentative and not perfect. And again, it spreads out. I think that sometimes it's not the sin of machine learning itself, but the things that it reifies, or the data it sucks in. The stories of the hunger for data, meaning that people stop considering the privacy of the data or the communities they're drawing from, are an important lesson.

Cindy: She's deep into developing tools to help us get it right, using machine learning in some instances to try to help alleviate the problems that machine learning is causing. I think of the paper they're writing about how to evaluate DNA evidence, developing systems to help the courts and advocates figure out whether that evidence is working well. So, in some ways we've got machine learning interrogating other machine learning. And I think that's fabulous; that's how we end up at the balance where we think we're getting things more right.

Danny: Rediet is, I think, a key figure making this pitch to the machine learning community itself to do the work to make things better. It was flattering that we're one of the podcasts she listens to, but also nice to know that this isn't the boring work.

Cindy: It's not just the coding. It's not just the time when you're training up the model or the model is spitting out results. It's looking at everything, from what problems you're trying to solve, and whether you're defining those problems in a way that is actionable, to what data you're feeding in, to what happens on the other side once the actionable results are spit out.

Are they able to be implemented? And how do they fit into the whole story? I think that one of the things she's helping to do is break machine learning out of this silo where it's just about the tech, and also break the pattern where the people doing machine learning don't look like the people who are impacted by their work. Black in AI and the other networks she's building are really trying to make sure that we grow the number of people using and developing these systems, to better match the communities where they're being used in the rest of the world.

Danny: Well, thanks again to Rediet Abebe. Thank you for joining us on How to Fix the Internet. If you want to let us know what you think about this or any other episode, do please write to us at podcast@eff.org. We do read every email. Music for How to Fix the Internet was created for us by Reed Mathis and Nat Keefe of Beat Mower. 

This podcast is licensed Creative Commons Attribution 4.0 International, and includes music licensed under the Creative Commons Attribution 3.0 Unported license by their creators. You can find those creators' names and links to their music in our episode notes or on our website at eff.org/podcast.

How to Fix the Internet is supported by the Alfred P. Sloan Foundation's Program in Public Understanding of Science and Technology. I'm Danny O'Brien.

Cindy: And I'm Cindy Cohn.

Josh Richman

British Citizen Alaa Abd El Fattah Demands An End to Mistreatment in Egyptian Prison

1 day 16 hours ago

Egyptian blogger, coder, and free speech activist Alaa Abd El Fattah is on day 45 of a hunger strike in protest of his mistreatment in an Egyptian prison. Alaa was sentenced late last year, without due process, after spending two years in pre-trial detention at a maximum-security prison in Tora, 12 miles south of Cairo. He was granted British citizenship in April, and civil society groups—including Access Now, Reporters Without Borders, Amnesty UK, English PEN, and EFF—are joining the call for the British government to assist him. 

If you are a British citizen, FreeAlaa.net has an action you can take. Be aware that it's an external link, not an EFF one:

Urge Parliament to call for Alaa’s release

In the UK? Take action now!

Alaa and his family have reported dangerous conditions in the prison in the past. Speaking out against injustice is not new to Alaa: he has repeatedly been targeted and jailed for his vocal advocacy, and has spent much of the past eight years imprisoned. Currently, Alaa reports that he is beaten whenever he asks for rights that he should be given under the law. He has been unable to access books or exercise and, despite the British embassy requesting consular access since December, he has been denied consular visits.

Alaa's most recent sentence was handed down by the court for "spreading false news undermining national security." The trial was rife with due process violations, according to reports: defense lawyers were denied access to case files and not given a chance to present arguments. He has submitted numerous reports about mistreatment in the prison, which the Egyptian authorities have either ignored or used against him. Now that he is a British citizen, Alaa and his family hope that the country's government will be permitted to meet with him.

Some government officials are listening: Zarah Sultana, a member of Parliament since 2019, has urged Britain’s Secretary of State for Foreign, Commonwealth and Development Affairs to secure consular access for Alaa and to ask the Egyptian Ambassador to demand his release. If you’re in the UK, you can urge your Member of Parliament to call for Alaa’s release. 

Jason Kelley

EFF, Al Sur Launch Guide to Raise Awareness About Deficiencies in Cross-Border Surveillance Treaty and Strategies to Mitigate Human Rights Risks

1 day 19 hours ago

Download the report

Latin American countries have a choice to make in the coming months: whether to accede to a new set of rules for coordinating and cooperating with each other and with nations around the world on criminal investigations. Opened for signature on May 12, the Protocol already has more than 20 signatory states, pending ratification; Chile and Colombia are among them.

The 10,000-word Second Additional Protocol to the Budapest Cybercrime Convention aims to make cross-border exchanges of electronic evidence, including personal data, faster and more efficient, but it's heavier on mandates increasing law enforcement powers and lighter on mandatory human rights protections.

To help countries in the region understand the Protocol, EFF, in collaboration with Al Sur, today released a guide providing an overview of the new treaty. The guide examines how the Protocol was drafted and highlights some of its weaknesses, which include bypassing independent vetting of foreign police orders for personal data, failing to recognize that subscriber data can be highly revealing of people's lives and habits, and mandating law enforcement powers while making most human rights protections optional.

Importantly, the guide makes solid recommendations for steps countries can take to assess the Protocol and mitigate its human rights deficiencies if they choose accession—from reserving certain articles and bolstering existing privacy laws to assessing the legal and human rights impacts the Protocol will have on their privacy and data protection regimes.

We are releasing the guide along with a handy outline of key issues civil society organizations can raise when urging governments to carefully consider the implications of acceding to the treaty.

EFF and its partners spent months analyzing the Protocol’s text and pushing its drafters to add greater human rights safeguards. Among the Protocol’s 25 Articles, the guide especially focuses on Article 7, which deals with direct disclosure of subscriber information, Article 13, about general human rights protections, and Article 14, about protection of personal data. The guide also points out how the Protocol's provisions allowing direct foreign requests to service providers can be a negative influence for Latin American communications privacy frameworks, acting to establish a lower level of protection for accessing subscriber data and unveiling a user's identity.

Latin American countries that have ratified the 2001 Budapest Cybercrime Convention are eligible to accede to the Protocol. As the first set of international rules for cybercrime investigations, the Budapest Convention has influenced many related laws across the region. Given the desire by international law enforcement agencies for greater powers in cross-border criminal investigations, many countries may also ratify the new treaty despite, or even because of its weaknesses.

Our advice is: countries should think twice about ratifying the Protocol. But for those that choose to accede, the guide is an important tool for ensuring countries do their best to protect the privacy and human rights of those who will be subject to the new treaty. We hope our recommendations shape national discussions on the Protocol so new surveillance powers don’t come without detailed legal safeguards.

Karen Gullo

Geofence Warrants and Reverse Keyword Warrants are So Invasive, Even Big Tech Wants to Ban Them

4 days 16 hours ago

Geofence and reverse keyword warrants are some of the most dangerous, civil-liberties-infringing, and reviled tools in law enforcement agencies' digital toolbox. It turns out that these warrants are so invasive of user privacy that big tech companies like Google, Microsoft, and Yahoo are willing to support banning them. The three tech giants have issued a public statement through a trade organization, Reform Government Surveillance, saying they will support a bill before the New York State legislature. That bill, the Reverse Location Search Prohibition Act (A. 84/S. 296), which EFF also supports, would prohibit government use of geofence warrants and reverse warrants. Their support is welcome, especially since we've been calling on companies like Google, which have a lot of resources and a lot of lawyers, to do more to resist these kinds of government requests.

Under the Fourth Amendment, if police can demonstrate probable cause that searching a particular person or place will reveal evidence of a crime, they can obtain a warrant from a court authorizing a limited search for this evidence. In cases involving digital evidence stored with a tech company, this typically involves sending the warrant to the company and demanding it turn over the suspect's digital data.

Geofence and reverse keyword warrants completely circumvent the limits set by the Fourth Amendment. If police are investigating a crime–anything from vandalism to arson–they instead submit requests that do not identify a single suspect or particular user account. Instead, with geofence warrants, they draw a box on a map, and compel the company to identify every digital device within that drawn boundary during a given time period. Similarly, with a “keyword” warrant, police compel the company to hand over the identities of anyone who may have searched for a specific term, such as a victim’s name or a particular address where a crime has occurred.

These reverse warrants have serious implications for civil liberties. Their increasingly common use means that anyone whose commute takes them by the scene of a crime might suddenly become vulnerable to suspicion, surveillance, and harassment by police. It means that an idle Google search for an address that corresponds to the scene of a robbery could make you a suspect. It also means that with one document, companies would be compelled to turn over identifying information on every phone that appeared in the vicinity of a protest, as happened in Kenosha, Wisconsin during a protest against police violence. And, as EFF has argued in amicus briefs, these warrants violate the Fourth Amendment because they result in overbroad fishing expeditions against unspecified targets, the majority of whom have no connection to any crime.

In the statement released by the companies, they write that, “This bill, if passed into law, would be the first of its kind to address the increasing use of law enforcement requests that, instead of relying on individual suspicion, request data pertaining to individuals who may have been in a specific vicinity or used a certain search term.” This is an undoubtedly positive step for companies that have a checkered history of being cavalier with users' data and enabling large-scale government surveillance. But they can do even more than support legislation in one state. Companies can still resist complying with geofence warrants across the country, be much more transparent about the geofence warrants they receive, provide all affected users with notice, and give users meaningful choice and control over their private data.

Matthew Guariglia

California Law Enforcement Now Needs Approval for Military-Grade Surveillance Equipment. We'll Be Watching.

5 days 14 hours ago

California residents finally have a law designed to dismantle some of the secrecy around domestic acquisitions of warzone surveillance equipment.

The weapons of the United States military—drones, mobile command centers, sound cannons, and more—have been handed off to local law enforcement for years. The transfers have equipped police departments with the ability to redirect surveillance tools and the weapons of war designed for foreign adversaries toward often-faultless targets on U.S. soil. For police departments getting the gear, the process is often secretive. If you don’t think your local law enforcement really needs an aerial surveillance system, or for that matter an MRAP (Mine-Resistant Ambush Protected vehicle), there hasn’t been too much you can do to stop these from joining the arsenal at your neighborhood police department. 

A.B. 481, a new California state law, went into effect at the beginning of May 2022 for equipment already in agencies’ possession and at the beginning of this year for new technologies. It requires democratic control of whether California state or local law enforcement agencies can obtain or use military-grade tools, whether they are received from the federal government, purchased, or utilized via some other channel. Through their elected officials, the public can say “no” to military surveillance and other technology, and it won’t be allowed to come to town.

These democratic control measures include the creation of draft use policies that must be publicly posted, an opportunity for residents to organize and be heard, and a vote by the governing body at a public meeting. If the proposal is approved, the police must then provide regular reports on how the equipment has been used, and the public body must perform annual compliance reviews. The bill also mandates that agencies already in possession of military equipment obtain approval from the governing body by the end of 2022, or else stop using it.

A.B. 481 is modeled on Community Control of Police Surveillance (CCOPS) laws adopted in 18 communities across the country. It was sponsored by The Women's Foundation of California, Women’s Policy Institute, Alliance for Boys and Men of Color, and The Stop Terror and Oppression by Police (STOP) Coalition. Where CCOPS ensures democratic control over local acquisition and use of all manner of surveillance technologies, A.B. 481 ensures democratic control over local acquisition and use of military technologies (including military surveillance technologies).

In California, there are more than 500 local law enforcement agencies, and the state is one of the biggest recipients of military transfers. In all, the federal program to transfer surplus military wares has moved more than $7.5 billion worth of equipment to local law enforcement since the program’s inception in 1990. 

Military equipment, for the purposes of the new law, encompasses a broad range of weapons and surveillance tools: 

  • Drones and unmanned vehicles of both the land and sky; 
  • Command & Control Vehicles (trucks equipped with computers and other equipment to collect and transmit various video and information feeds);
  • Tanks, MRAPs (mine-resistant ambush-protected vehicles), and Humvees;
  • Weaponized vehicles of any kind; 
  • Firearms of greater than .50 caliber;
  • Taser Shockwaves and LRADs (long-range acoustic devices, also known as sound cannons); and
  • Projectile launchers.

It is important for there to be more transparency into law enforcement practices, and for communities to have democratic control of surplus military transfers, particularly for high-tech surveillance equipment. The enactment of A.B. 481 is an important step forward. 

The proposed “military equipment use policy” is now the first step of the process for agencies trying to get military gear. This is a publicly available, written document that would govern the state or local agency’s use of this military equipment. It needs to do a few things: 

  • address the legal rules governing the use of the equipment;
  • outline the training required; and
  • describe the procedure by which the public can make complaints. 

A law enforcement agency then needs to get the approval of the jurisdiction’s governing body, like the City Council, at a public meeting. The policy and other relevant materials need to be made available to the public on the agency's website at least 30 days in advance. Residents who oppose the military equipment can use that month to organize in opposition.

Once approval is granted, the agency isn’t just free to use the equipment indefinitely. There will be an annual review for compliance with the use policy, based on an annual military equipment report. That report needs to contain: 

  • The quantity possessed for each type of military equipment;
  • A summary of how and for what purpose the military equipment was used;
  • A summary of any complaints or concerns received concerning the military equipment;
  • The results of any internal audits; 
  • Any information about violations of the use policy and the consequences;
  • The total annual cost for each type of military equipment, including acquisition, personnel, training, transportation, maintenance, storage, upgrade, and other ongoing costs, and from what source funds will be drawn the following year; and
  • The quantity sought for each type of additional military equipment the law enforcement agency intends to acquire in the next year.

Agencies have started posting their materials online, like these from Milpitas and the California Department of Corrections and Rehabilitation. Unfortunately, there have been rumblings from some in law enforcement against the need to disclose whether they have war-grade equipment. As we’ve seen in our compliance review of S.B. 978, which requires California police departments to post their policies online, adherence to new accountability measures can’t be taken for granted. Still, whether they like it or not, A.B. 481 makes hiding military-grade tools against the law for law enforcement. 

Beryl Lipton

In a Blow to Free Speech, Texas’ Social Media Law Allowed to Proceed Pending Appeal

5 days 19 hours ago

A constitutionally problematic Texas law limiting social media companies' exercise of their First Amendment rights to curate the content they carry can go into effect, after a federal appeals court lifted a lower court’s injunction blocking it.

A three-judge panel of the U.S. Court of Appeals for the Fifth Circuit, in a 2-1 decision, lifted the injunction in a one-sentence order without giving a reason. The law, Texas HB 20, which prohibits large social media platforms from removing or moderating content based on the viewpoint of the user, can now be enforced while the court continues to consider the appeal.

This decision to allow the law to be enforced before the court has ruled on its legality is wrong. It creates great uncertainty, will likely spawn numerous lawsuits, and will chill protected speech, all to the detriment of users of large social media sites in the US and everywhere.

The lower court blocked the law for violating the First Amendment and Texas appealed. We filed amicus briefs in both the trial and appeals courts, arguing that the government cannot regulate editorial decisions made by online platforms about what content they host. We told the Fifth Circuit that, while the content moderation decisions of social media companies can be frustrating, internet users nevertheless are best served when the First Amendment protects companies' right to edit their platforms as they see fit.

Those protections ensure that social media sites can curate content free from governmental mandates, giving users a diverse array of forums to read and contribute to. Under HB 20 social media platforms “may not censor a user, a user’s expression, or a user’s ability to receive the expression of another person based on . . . the viewpoint of the user or another person.” Users and the Texas Attorney General can sue companies they believe violated the law.

HB 20 is clearly a retaliatory measure aimed at punishing platforms for an alleged anti-conservative bias. As EFF’s brief explained, the government can’t retaliate against disfavored speakers and promote favored ones. Moreover, HB 20 would destroy or prevent the emergence of even larger conservative platforms, as they would have to accept user speech from across the political spectrum.

The lawsuit was filed by tech industry groups NetChoice and the Computer and Communications Industry Association (CCIA); NetChoice plans to appeal the ruling. In the meantime, it’s unclear how, and whether, it will be possible for the companies bound by the law to comply with it.

Karen Gullo

The EU Commission’s New Proposal Would Undermine Encryption And Scan Our Messages

6 days 11 hours ago

The executive body of the European Union today published a legislative proposal (text) that, if it becomes law, would be a disaster for online privacy in the EU and throughout the world. In the name of fighting crimes against children, the EU Commission has suggested new rules that would compel a broad range of internet services, including hosting and messaging services, to search for, and report, child abuse material. 

The Commission’s new demands would require regular plain-text access to users’ private messages, from email to texting to social media. Private companies would be tasked not just with finding and stopping distribution of known child abuse images, but could also be required to take action to prevent “grooming,” or suspected future child abuse. This would be a massive new surveillance system, because it would require the infrastructure for detailed analysis of user messages.

The new proposal is overbroad, not proportionate, and hurts everyone’s privacy and safety. By damaging encryption, it could actually make the problem of child safety worse, not better, for some minors. Abused minors, as much as anyone, need private channels to report what is happening to them. The scanning requirements are subject to safeguards, but they aren’t strong enough to prevent the privacy-intrusive actions that platforms will be required to undertake. 

Unfortunately, this new attempt to mandate a backdoor into encrypted communications is part of a global pattern. In 2018, the Five Eyes—an alliance of the intelligence services of Canada, New Zealand, Australia, the United Kingdom, and the United States—warned that they would “pursue technological, enforcement, legislative or other measures to achieve lawful access solutions” if companies didn’t voluntarily provide access to encrypted messages. At the urging of the Department of Justice, the U.S. Congress tried to create backdoors to encryption through the EARN IT Act, in 2020 and again earlier this year. Last fall, government agencies pressured Apple to propose a system of software scanners on every device, constantly checking for child abuse images and reporting back to authorities. Fortunately, the Apple program appears to have been shelved for now, and EARN IT is still not law in the U.S. 

The European Union prides itself on high standards for data protection and privacy, as demonstrated by the adoption of the General Data Protection Regulation, or GDPR. This new proposal suggests the EU may head in a dramatically different direction, giving up on privacy and instead seeking state-controlled scanning of all messages. 

European civil society groups that deal with digital freedoms, including European Digital Rights (EDRi), Germany’s Society for Civil Rights, the Netherlands’ Bits of Freedom, and Austria’s epicenter.works have expressed grave concerns about this proposal as well. 

Fortunately, the misguided proposal published today is far from the final word on this matter. The European Commission cannot make law on its own. We don’t think the EU wants to cancel everyday people’s privacy and security, and we are ready to work together with Members of the European Parliament and EU member states’ representatives to defend privacy and encryption. 

Joe Mullin

EFF to Court: Fair Use is a Right Congress Cannot Cast Aside

6 days 16 hours ago

Copyright law and free expression have always been in tension, with the courts protecting speech from overzealous copyright claims using legal doctrines such as fair use. But in 1998, Congress passed the Digital Millennium Copyright Act, and since then courts have interpreted its “anti-circumvention” provision to give rightsholders the unprecedented power to block even fair uses of their works, whenever that use requires bypassing an access control like encryption or DRM.

This has harmed independent filmmakers when they try to include clips from other works in their own. It’s harmed people with visual disabilities who need to run text-to-speech software on their e-books in order to enjoy them, and people with hearing disabilities who rely on captioning to enjoy videos they purchase. It’s prevented educators from teaching media literacy and it’s prevented security and safety researchers from understanding electronic devices to keep us all safer. It keeps people from reading the code in the things they buy, from cars to tractors to home appliances, preventing us from understanding how these devices work and harming the market for independent repair and follow-on innovation.

Fair users can sometimes get temporary and partial relief through the rulemaking process run by the Copyright Office, but that only underscores the fundamental problem: Section 1201(a) of the DMCA turned the right to make fair uses into a contingent privilege that you have to beg for in advance – with no binding legal standards to protect your right to speak.

That’s why we sued the government on behalf of security researcher Matthew Green and technologist bunnie Huang, working with law firm Wilson Sonsini Goodrich & Rosati. The case is now on appeal, and we’ve just concluded the briefing, with amicus support from law professors, disability rights advocates, filmmakers, and more.

The government defends the law by arguing that it only burdens conduct, not speech. Nonsense: the law is a direct ban on accessing information so that it can be communicated and adapted. It also directly bans providing instructions on how to do this in the form of software or a service. It restricts a wide range of legitimate speech, without adding much if anything to the government’s arsenal of tools to combat actual copyright infringement. Since someone circumventing in order to infringe is already an infringer, the law primarily impacts people who are circumventing for a non-infringing purpose, such as research, education, or just to enjoy the e-book they bought.

This disastrous law has interfered with creativity, research, and innovation for far too long. We hope the Court of Appeals for the D.C. Circuit agrees and restores the traditional balance between rightsholders and subsequent speakers.

Related Cases: Green v. U.S. Department of Justice
Kit Walsh

How to Disable Ad ID Tracking on iOS and Android, and Why You Should Do It Now

6 days 17 hours ago

The ad identifier - aka “IDFA” on iOS, or “AAID” on Android - is the key that enables most third-party tracking on mobile devices. Disabling it will make it substantially harder for advertisers and data brokers to track and profile you, and will limit the amount of your personal information up for sale.

This post explains the history of device ad identifiers and how they have enabled persistent tracking, identification, and other privacy invasions. 

But first things first. Here’s how to revoke tracker access to your ad ID right now:

On Android 

Open the Settings app, and navigate to Privacy > Ads. Tap “Delete advertising ID,” then tap it again on the next page to confirm. This will prevent any app on your phone from accessing it in the future.

The Android opt-out is available on Android 12, but may not be available on older versions. On those devices, you can instead reset your ad ID and ask apps not to track you.


On iOS 

Apple requires apps to ask permission before they can access your IDFA. When you install a new app, it may ask you for permission to track you.


Select “Ask App Not to Track” to deny it IDFA access.

To see which apps you have previously granted access to, go to Settings > Privacy > Tracking.

Here you can disable tracking for individual apps that have previously received permission. Only apps that have permission to track you will be able to access your IDFA.

You can set the “Allow Apps to Request to Track” switch to the “off” position (the slider is to the left and the background is gray). This will prevent apps from asking to track in the future. If you have granted apps permission to track you in the past, this will also prompt you to ask those apps to stop tracking. You also have the option to grant or revoke tracking access on a per-app basis.

Apple has its own targeted advertising system, separate from the third-party tracking it enables with IDFA. To disable it, navigate to Settings > Privacy > Apple Advertising.


Set the “Personalized Ads” switch to the “off” position to disable Apple’s ad targeting.


In the early days of smartphones, trackers used static device identifiers - the “Unique Device Identifier” (UDID) on iOS, and the “Android ID” on Android - to track users across apps. These identifiers were unique, permanent, and frequently accessed by third parties without user knowledge or consent.

This was rightfully considered a problem for user privacy. A 2010 investigation by the Wall Street Journal exposed the extent of the issue, and in 2011, after a series of probing questions from US members of Congress, Apple began restricting access to the UDID.

The industry had already begun to rely on data collection tied to UDID, and trackers scrambled to adapt to the change. Then, in 2012, Apple quietly introduced the Identifier for Advertisers (IDFA). IDFA was almost identical to the UDID it replaced: it was a globally unique identifier that was available to all apps by default. The biggest difference was that IDFA could be reset, though this was only possible if users knew what to look for. Apple also allowed users to enable a setting called “Limit Ad Tracking.” This sent a signal to apps asking them not to track, but it did not actually affect the apps’ ability to access IDFA.

Android followed suit in 2013, introducing the Android Advertising Identifier (AAID). Like Apple, Google made its identifier available to all apps by default, without any special permission. It also allowed users to reset their ad identifier, but not restrict access to it or delete it.

In 2016, Apple updated Limit Ad Tracking to set the IDFA to a string of zeroes - effectively deleting it. This meant that for the first time, users had an effective, technical opt-out of IDFA tracking.
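To see why zeroing out the identifier amounts to deletion, consider a minimal sketch (the helper name here is made up for illustration): once every opted-out device reports the same all-zero string, the value can no longer serve as a key for linking records to one particular device.

```python
# Hypothetical sketch: an all-zero IDFA is shared by every opted-out
# device, so it cannot single anyone out.
ZEROED_IDFA = "00000000-0000-0000-0000-000000000000"

def is_useful_tracking_key(idfa: str) -> bool:
    """An identifier only enables tracking if it is unique to a device."""
    return idfa != ZEROED_IDFA

print(is_useful_tracking_key("1E2D3C4B-5A6F-4A5B-8C7D-9E8F7A6B5C4D"))  # True
print(is_useful_tracking_key(ZEROED_IDFA))  # False
```

Records keyed on the zeroed value collapse into one indistinguishable bucket, which is exactly what makes the 2016 change an effective opt-out.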

In 2021, Apple introduced App Tracking Transparency (ATT), which requires apps to get affirmative consent before they can track users with IDFA or any other identifier. This had an enormous impact on the tracking industry. While previously, about 20% of users chose to opt out of tracking (meaning 4 out of 5 were “opted in”), after the change, the vast majority of users have chosen not to allow tracking. Defaults matter.

Meanwhile, Android finally started rolling out a way for users to disable their ad ID. As of April 1, 2022, Android also requires developers to request a separate permission in order to access the ad ID. However, this is treated as a “normal” permission, meaning users don’t see any pop-up asking for their consent. Despite the ad ID’s central role in enabling third-party tracking, the developer documents describe this class of permission as covering data that presents “very little risk to the user’s privacy.” In other words, Android’s ad ID is still exposed on an opt-out basis, and users have to go out of their way to defend their privacy on the platform.

In February, Google also indicated that it may eventually phase out the ad ID altogether. It plans to bring a version of the Privacy Sandbox framework to mobile devices to support behavioral advertising “without reliance on cross-app identifiers.” But Google assured developers that it won’t change anything substantial about the ad ID for “at least two years.”

Why It Matters

The ad identifier is a string of letters and numbers that uniquely identifies your phone, tablet, or other smart device. It exists for one purpose: to help companies track you. 

Third-party trackers collect data via the apps on your device. The ad ID lets them link data from different sources to one identity: you. In addition, since every app and tracker sees the same ID, it lets data brokers compare notes about you. Broker A can buy data from broker B, then use the ad identifier to link those two datasets together. Put simply, the ad ID is the key that enables a whole range of privacy harms: invasive third-party profiling by Facebook and Google, pseudoscientific psychographic targeting by political consultants like Cambridge Analytica, and location tracking by the U.S. military.
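To make the “compare notes” point concrete, here is a hedged sketch using entirely hypothetical broker data: because both datasets are keyed by the same ad ID, linking them is little more than a dictionary merge.

```python
# Hypothetical data held by two different brokers, keyed by the same ad ID.
broker_a = {"ad-id-123": {"home_zip": "94110"}}
broker_b = {"ad-id-123": {"apps": ["period tracker", "rideshare"]}}

def merge_profiles(a: dict, b: dict) -> dict:
    """Link records from two sources wherever they share an ad identifier."""
    return {ad_id: {**a[ad_id], **b[ad_id]} for ad_id in a.keys() & b.keys()}

profiles = merge_profiles(broker_a, broker_b)
# One shared identifier now ties location data to app usage in one profile.
print(profiles["ad-id-123"])
```

Without a shared stable identifier, the two datasets have no common key, and this kind of trivial cross-broker linkage becomes much harder.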

Sometimes, participants in the data pipeline will argue that the ad ID is anonymous or pseudo-anonymous, not “personally identifying” information, and imply that it does not pose a serious privacy threat. This is not true in practice. First, the ad ID is commonly used to help collect data that is obviously personally identifiable, like granular location data. If you can see where a person works, sleeps, studies, socializes, worships, and seeks medical care, you don’t need their email address to help identify them. And second, an entire industry exists to help trackers link ad IDs to more directly identifying information, like email addresses and phone numbers. In a vacuum, the ad ID may be anonymous, but in the context of the tracking industry, it is a ubiquitous and effective identifier.

Disabling this ID makes it substantially harder for most advertisers and data brokers to track you. These industries process data from millions or billions of users every day, and they rely on convenient technologies like the ad ID to make that kind of scale possible. Removing this tool from their toolbox will result in substantially less data that can be associated with you in the wild. It is not only beneficial to your privacy, it also makes the surveillance advertising industry less profitable. And don’t take our word for it: Facebook has said that Apple’s App Tracking Transparency feature would decrease the company’s 2022 sales by about $10 billion.

But although it’s a good first step, removing your ad ID won’t stop all tracking. If you are concerned about a specific privacy-related threat to yourself or someone you know, see our other resources, including Digital Security and Privacy Tips for Those Involved in Abortion Access. You can also check out EFF’s guides to surveillance self-defense, including personal security plans, attending a protest, and privacy on mobile phones. These resources are organized into playlists such as this one for reproductive healthcare providers, seekers, and advocates.

Bennett Cyphers

What Companies Can Do Now to Protect Digital Rights In A Post-Roe World

1 week ago

The increasing risk that the Supreme Court will overturn federal constitutional abortion protections has refocused attention on the role digital service providers of all kinds play in facilitating access to health information, education, and care—and the data they collect in return.

In a post-Roe world, service providers can expect a raft of subpoenas and warrants seeking user data that could be employed to prosecute abortion seekers, providers, and helpers. They can also expect pressure to aggressively police the use of their services to provide information that may be classified in many states as facilitating a crime.

Whatever your position on reproductive rights, this is a frightening prospect for data privacy and online expression. That’s the bad news.

The good news is there is a lot companies—from ISPs to app developers to platforms and beyond—can do right now to prepare for that future, and those steps will benefit all users. If your product or service might be used to target people seeking, offering, or facilitating abortion access, now is the time to minimize the harm that can be done.

Here are some ideas to get you started.

If You Build it, They Will Come—So Don’t Build It, Don’t Keep It, Dismantle What You Can, and Keep It Secure

Many users don’t truly realize how much data is collected about them, by multiple entities, as they go about their daily business. Search engines, ISPs, apps, and social media platforms collect all kinds of data, including highly sensitive information. Sometimes, they need that data to provide the service the user wants. Too often, however, they use it for other purposes, like ad sales, or for selling to third parties. Sometimes they’ll claim the data is anonymized. But often that’s not possible. For example, there’s no such thing as “anonymous” location data. Data points like where a person sleeps at night or spends their days are an easy way to find a person’s home address or job. A malicious observer can easily connect these data points to identify a person and anticipate their routines. Another piece of the puzzle is the ad ID, another so-called “anonymous” label that identifies a device. Apps share ad IDs with third parties, and an entire industry of “identity resolution” companies can readily link ad IDs to real people at scale.

Governments and private actors know that intermediaries and apps can be a treasure trove of information. Good data practices can help you avoid being on the wrong side of history and legal hassles to boot—after all, if you don’t have it, you can’t produce it.

1. Allow pseudonymous access

Give your users the freedom to access your service pseudonymously, that is, so that even you do not know their identities. As we've previously written, “real-name” policies and their ilk are especially harmful to vulnerable populations, including pro-democracy activists, the LGBT community—and people seeking or providing abortion access. Recognize that authentication or verification schemes that require users to submit identification may also put them at risk.

2. Stop behavioral tracking

Don’t do it. If you must, make sure users affirmatively opt in first. If that’s not possible, ensure users know about it and know they can opt out. This includes letting users modify data that's been collected about them so far, as well as giving them the option to not have your service collect this information about them at all. When users opt out, delete their data and stop collecting it moving forward. Offering an opt-out of targeting but not out of tracking is unacceptable.

3. Check your retention policy

Do you really need to keep all of that data you’ve been collecting? Now is the time to clean up the logs. If you need them to check for abuse or for debugging, think carefully about which precise pieces of data you really need. And then delete them regularly—say, every week for the most sensitive data. IP addresses are especially risky to keep. Avoid logging them, or if you must log them for anti-abuse or statistics, do so in separate files that you can aggregate and delete frequently. Reject user-hostile measures like browser fingerprinting.
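As a sketch of what such a retention policy can look like in code (all names here are made up for illustration): aggregate the coarse statistics you actually need first, then delete raw entries, including IP addresses, once they age past the window.

```python
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=7)

def prune_logs(entries, now=None):
    """Keep coarse daily counts; delete raw entries past the retention window."""
    now = now or datetime.now(timezone.utc)
    # Aggregate first: daily request counts carry no IP addresses.
    daily_counts = {}
    for entry in entries:
        day = entry["time"].date().isoformat()
        daily_counts[day] = daily_counts.get(day, 0) + 1
    # Then keep only recent raw entries (for debugging and anti-abuse).
    fresh = [e for e in entries if now - e["time"] <= RETENTION]
    return fresh, daily_counts
```

Run on a schedule, something like this keeps the statistics useful indefinitely while ensuring that sensitive raw logs can never be produced in response to a demand, because they no longer exist.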

4. Encrypt data in transit.

Seriously, encrypt data in transit. Why are you not already encrypting data in transit? Do the ISP and the entire internet need to know about the information your users are reading, the things they’re buying, and the places they’re going?
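There is little excuse here, because modern TLS libraries make doing this correctly the easy default. Python’s standard library, for instance, builds a client-side context that already verifies certificates and checks hostnames:

```python
import ssl

# ssl.create_default_context() returns settings suitable for connecting to
# servers: certificate verification and hostname checking are on by default.
ctx = ssl.create_default_context()
print(ctx.verify_mode == ssl.CERT_REQUIRED)  # True
print(ctx.check_hostname)                    # True
```

Wrap your sockets (or let your HTTP library wrap them) in a context like this and the ISP sees only that a connection happened, not what was read, bought, or searched.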

5. Enable end-to-end encryption by default.

If your service includes messages, enable end-to-end encryption by default. Are you offering a high-value service—like AI-powered recommendations or search—that doesn’t work on encrypted data? It’s time to re-evaluate that tradeoff.

6. Don’t allow your app to become a location mine

There is an entire industry devoted to collecting and selling location data—and it’s got a well-documented history of privacy violations. Some location data brokers collect that data by getting ordinary app developers to install tracking software into their apps. Don’t do that.

7. Don’t share the data you collect more than necessary, and only with trusted/vetted partners

This one is beyond obvious: don’t share the data you collect except as necessary to provide the service you are offering. Even then, make sure you vet those third parties’ own data practices. Of course, this requires actually knowing where your data is going. Finally, avoid third-party connections.

8. Where possible, make it interoperable

There may be a third party that can do a better job protecting your privacy-conscious users than you can alone. If so, allow them to interoperate with you so they can offer that service.

Push Back Against Improper Demands—and Be Transparent About Them

Law enforcement may, for example, ask a search engine to provide information about all users who searched for a particular term, such as “abortion.” It may also seek unconstitutional “geofence warrants” demanding data on every device in a given geographic area: draw a line around an abortion clinic in a neighboring state, get a list of every phone that’s been there, and use that information to track people as they drive back home across state lines. Private parties, meanwhile, may leverage the power of the courts to issue subpoenas to try to unmask people who provide information online anonymously.

1. Stand up for your users

Challenge unlawful subpoenas for user information in court. If a warrant or subpoena is improper, push back. For example, federal courts have ruled that geofence warrants are unconstitutional. And there are strong protections in the U.S. for anonymous speech. Does the court have jurisdiction to require compliance? Some companies have been willing to stand up for their users. Join them. If your company can’t afford legal counsel, EFF may be able to help.

2. At minimum, provide notice to affected users 

Users should never learn that you disclosed their information only after it’s too late for them to do anything about it. If you get a data request, and there is no legal restriction forbidding you from doing so, notify the subject of the request as soon as possible.

3. Implement strong transparency practices

Issue transparency reports on a regular basis, including a state-by-state breakdown of data requests and information related to reproductive rights bans and restrictions. Facebook’s transparency report, for example, is only searchable by country, not by state. And while the report mentions removing information based on reports from state attorneys general, it does not name the states or the reasons for the requests. Endorse the Santa Clara Principles on Transparency and Accountability – and implement them.

If You Market Surveillance Technology to Governments, Know Your Customer

This should also be obvious.

Review and Revise Your Community Standards Policy to Discourage Abuse

Social media platforms regularly engage in “content moderation”—the depublication, downranking, and sometimes outright censorship of information and/or user accounts from social media and other digital platforms, usually based on an alleged violation of a platform’s “community standards” policy. Such moderation, however well-intentioned, is often deeply flawed, confusing and inconsistent, particularly when it comes to material related to sexuality and sexual health. Take, for example, the attempt by companies to eradicate homophobic and transphobic speech. While that sounds like a worthy goal, these policies have resulted in LGBTQ users being censored for engaging in counterspeech or for using reclaimed terms like “dyke.”

Facebook bans ads it deems “overly suggestive or sexually provocative,” a practice that has had a chilling effect on women’s health startups, bra companies, a book whose title contains the word “uterus,” and even the National Campaign to Prevent Teen and Unwanted Pregnancy.

In addition, government and private actors can weaponize community standards policies, flagging speech they don’t like as violating community standards. Too often, the speaker won’t fight back, either because they don’t know how, or because they are intimidated.

Platforms should take another look at their speech policies, and consider carefully how they might be abused. For example, almost every major internet platform—Facebook, Google (owner of Blogger and YouTube), Twitter, and reddit—has some prohibition on “illegal” material, but their policies do not explain much further. Furthermore, most have some policy related to “local laws”—but they mean laws by country, not by state. This language leaves a large hole for individuals and governments to claim a user has violated the policy and get life-saving information removed.

Furthermore, as noted, Facebook has a terrible track record with its policy related to sex and sexual health. The company should review how its policy of labeling images associated with “birth-giving and after-birth giving moments, including both natural vaginal delivery and caesarean section,” might lead to confusion.


Many groups share information through Google docs—posting links either within a network or even publicly. In a post-Roe world, that might include information about activities that are illegal in some states. However, while Google permits users to share educational information about illegal activities, it prohibits use of the service to engage in such activities or promote them.

Blogger uses similar language, and adds that “we will take appropriate action if we are notified of unlawful activities, which may include reporting you to the relevant authorities.” This language may discourage many from using the service to share information that, again, might be legal in some states and illegal in others.

In general, many sites have language outlawing material that may lead to “serious physical or emotional harm.” Depending on how “harm” is construed, and by whom, this language too could be an excuse to excise important tools and information. 

Worse, companies have set some unfortunate recent precedent. For example, Facebook’s transparency report mentions, in response to COVID-related concerns, that it blocked access to 27 items in response to reports from state attorneys general and the US Attorney General. All 27 were ultimately reinstated, as they did not actually violate Facebook’s “community standards or other applicable policies.” This shows a willingness on Facebook’s part to act first and ask questions later when contacted by state authorities. Even if eventually reinstated, the harm to people looking for information in a critical, time-sensitive situation could be incalculable.

Most of these ideas aren’t new – we’ve been calling for companies to take these steps for years. With a new threat model on the horizon, it’s past time for them to act. Our digital rights depend on it.

Corynne McSherry

Reproductive Privacy Requires Data Privacy

1 week ago

EFF supports data privacy for all, and that includes people seeking reproductive health care. Even before the Supreme Court draft decision regarding Roe v. Wade leaked, EFF was engaged with reproductive justice advocates on how to better protect data privacy for people seeking care, providing it, and funding it. We’ve provided digital privacy and security tips for patients seeking care and people involved in abortion access. But more is needed.

That's why EFF supports California’s A.B. 2091, authored by Asm. Mia Bonta and sponsored by Planned Parenthood Affiliates of California. This bill seeks to stop information about people seeking abortions in California from flowing across state lines and being used by prosecutors or private actors under other states’ anti-abortion laws.

Specifically, it prohibits health care providers and service plans from releasing medical information related to people seeking or obtaining an abortion, in response to a subpoena or request based on another state’s law that interferes with reproductive freedom protected by California law. The bill also prohibits a person from being compelled to provide information that would identify someone who has sought or obtained an abortion, if it is being requested in this scenario. While EFF is not a reproductive rights advocacy group, our history of work on digital privacy—particularly health privacy—compels us to support this bill.

This issue also falls squarely within our organization’s work on limiting the collection and use of government data for purposes other than those for which it was collected. Governments collect information for many reasons. But all too often, data collected by the state is misused and weaponized for other purposes. The ones who suffer most are often vulnerable minority groups. This sad legacy of data misuse stretches from census data being used for Japanese-American internment during World War II, to license plate data being weaponized against immigrants today.

EFF likewise has supported legislation to protect data in the state of California from being misused to enforce federal immigration policies. California should be a digital sanctuary state for both immigrants and people seeking reproductive health procedures.

As the bill's sponsors told the California legislature, "No one should be able to manipulate California’s legal system to target and punish people who seek care and refuge here."

We urge California's legislators to pass A.B. 2091 as a crucial step to building such a sanctuary.

Hayley Tsukayama

A Token of Thanks for a Brighter Future

1 week ago

UPDATE: All Sustaining Donor Challenge Coins have been claimed! But there’s plenty of other member gear, and EFF can sure use your help.

EFF members have joined forces to fight for civil liberties and human rights online for over 30 years. Our movement has never been an easy one, but the future of technology depends on our determination. Members power EFF’s attorneys, activists, and technologists every day. Together, we can make a difference for every tech user’s right to privacy, free speech, and digital access. Will you sustain the cause with a modest recurring donation?


Become an EFF Sustaining Donor

If you become a Sustaining Donor today, you can receive an individually numbered EFF 30th Anniversary Challenge Coin as a token of our thanks! To be eligible, just set up an automated donation of at least $5 per month or $25 per year. We’ll send a challenge coin to the address you provide. Fewer than 200 of these 30th anniversary tokens are left, so get yours now.

Challenge coins follow a long tradition of offering a symbol of kinship and respect for great achievements—and EFF owes its strength to tech users around the world like you. With your sustaining contribution, EFF is here to stay.

When you sign up to support EFF, you can get a number of EFF member perks including conversation-starting gear each year (like the recent Stay Golden t-shirt seen above!), a membership card, an EFF bumper sticker, discounts on EFF events, and invitations to local and virtual Speakeasy meetups and programs. Even if you choose to skip those benefits, know that your support makes a difference for people around the world. Take a stand for internet freedom today!

Support Online Rights

Start a Monthly or Annual Sustaining Donation

Reach out with any questions at membership@eff.org. EFF is a U.S. 501(c)(3) nonprofit, tax ID #04-3091431, and your gift is tax-deductible as allowed by law.

Aaron Jue

Podcast Episode: The Philosopher King

1 week 1 day ago

Computer scientists often build algorithms with a keen focus on “solving the problem,” without considering the larger implications and potential misuses of the technology they’re creating. That’s how we wind up with machine learning that prevents qualified job applicants from advancing, or blocks mortgage applicants from buying homes, or creates miscarriages of justice in parole and other aspects of the criminal justice system.

James Mickens—a lifelong hacker, perennial wisecracker, and would-be philosopher-king who also happens to be a Harvard University professor of computer science—says we must educate computer scientists to consider the bigger picture early in their creative process. In a world where much of what we do each day involves computers of one sort or another, the process of creating technology must take into account the society it’s meant to serve, including the most vulnerable.

Mickens speaks with EFF's Cindy Cohn and Danny O’Brien about some of the problems inherent in educating computer scientists, and how fixing those problems might help us fix the internet.

(Embedded podcast player. Privacy info: this embed will serve content from simplecast.com.)


This episode is also available on the Internet Archive.

In this episode you’ll learn about:

  • Why it’s important to include non-engineering voices, from historians and sociologists to people from marginalized communities, in the engineering process
  • The need to balance paying down our “tech debt” —cleaning up the messy, haphazard systems of yesteryear—with innovating new technologies
  • How to embed ethics education within computer engineering curricula so students can identify and overcome challenges before they’re encoded into new systems
  • Fostering transparency about how and by whom your data is used, and for whose profit
  • What we can learn from Søren Kierkegaard and Stan Lee about personal responsibility in technology

Music for How to Fix the Internet was created for us by Reed Mathis and Nat Keefe of BeatMower.

This podcast is licensed Creative Commons Attribution 4.0 International, and includes the following music licensed Creative Commons Attribution 3.0 Unported by their creators: 


Machine Learning Ethics:

Algorithmic Bias in Policing, Healthcare, and More:

Adversarial Interoperability and Data Fiduciaries:


James: One of the fun things about being a computer scientist, as opposed to, let's say, a roboticist, someone who actually builds physical things, is that I'm never going to get my eye poked out because my algorithm went wrong. Like I'm never going to lose an arm or just be ruined physically because my algorithm didn't work, at least on paper. Right? And so I think computer science does tend to draw people who like some of these very stark sort of contrasts, like either my algorithm worked or it didn't. But I think that what's ended up happening is that in the infancy of the field, you could kind of sort of take that approach and nothing too bad would happen.

But now when you think about everything we do in a day, there's a computer involved in almost all of that. And so as a result, you can no longer afford to say, I'm not going to think about the bigger implications of this thing, because I'm just a hobbyist, I'm just working on some little toy that's not going to be used by thousands or millions of people.

Cindy: That's James Mickens. He's a professor of computer science at Harvard School of Engineering and Applied Sciences and a director at the Berkman Klein Center for Internet and Society. He's also a lifelong hacker.


James is going to tell us about some of the problems in educating ethical computer scientists and we're going to talk about how fixing those problems might help us fix the internet.

Cindy: I'm Cindy Cohn, EFF's executive director.

Danny: And I'm Danny O'Brien special advisor to EFF. Welcome to How to Fix the Internet, a podcast of the Electronic Frontier Foundation.

James thank you so much for joining us. It’s really exciting to talk to you about how computer scientists and other technically minded people will help us move toward a better future and what that future looks like when we get there. 

James: Well, hello. Thank you for that great introduction and thank you for inviting me to have a chat.

Cindy: So let's wallow in the bad for a minute before we get to the good. What's broken in our internet society now, or at least the specific pieces that are most concerning to you?

James: Well, there are just so many things. I mean, I could just give you a wood cut, like from the medieval period, people are on fire. They're weird people with bird masks running around. It's a scene. But if I had to just pick a couple things, here are a couple things that I think are bad. I think that at a high level, one of the big challenges with technology right now is the careless application of various techniques or various pieces of software in a way that doesn't really think about what the collateral damage might be and in a way that doesn't really think about, should we be deploying this software in the first place. At this point, sort of a classic example is machine learning, right? So machine learning seems pretty neat.   But when you look at machine learning being applied to things like determining which job applications get forwarded up to the next level, determining who gets mortgages and who does not, determining who gets sentenced to parole versus a harsher sentence for example. What you end up seeing is that you have these really non-trivial applications of technology that have these real impacts in the actual world. It's not some abstract exercise where we're trying to simulate the thought process of an agent in a video game or something like this.

Danny: Is there something special about computer scientists that makes them like this? Is it hubris? Is it just a feeling like they've got the answer to all of the world's problems?

James: The way that we're sort of trained as computer scientists is to say here's a crisp description of what a problem is and then here are a concrete set of steps which can "fix that problem". And going through that series of steps of identifying the problem, coming up with an algorithm to "solve it" and then testing it, at first glance that seems very clean. And in fact, there are a couple simple problems we could think of that are very clean to solve.

So for example, I give you a bunch of numbers, how do you sort them. It seems like a pretty objective thing to do. We all have a very clear understanding of what numbers are and what order means. But now if I ask you to do something like find the best applicant for a particular job, even if you were to ask different humans what the answer to that question is, they would probably give you a bunch of different answers.

And so this idea that somehow, because computers manipulate binary data, zeros and ones, that somehow we're always going to have clean answers for things, or somehow always be able to take these intractable social problems and represent them in this very clean way in the digital space, it's just absolutely false. And I think machine learning is a particular example of how this goes astray. Because you end up seeing that you get this data, this data has biases in it, you train an algorithm that replicates the biases in the training data, and that just perpetuates the social problem that we see sort of in the pre digital world.

Cindy: When we were first looking at predictive policing, for instance, which is a set of technologies that allegedly try to predict where crime is going to happen, the short answer is that it actually just predicts what the police are going to do. If you define the problem as, well, the police know where crime is, then you've missed a whole lot of crime that police never see and don't focus on and don't prioritize. So that was an early example, I think, of that kind of problem.

James: People who live in, let's say, underprivileged communities or over-policed communities, if you asked them what would happen if you were to apply one of these predictive policing algorithms, I bet a lot of them could intuitively tell you from their personal experience: well, the police go where they think the police need to go. And of course, that sets up a feedback loop. And just to be clear, I'm not trying to take some sort of maximalist anti-police position here, I'm just saying there are experiences in the world that are important to bring to bear when you design technical artifacts, because these technical artifacts have to relate to society. So I think it's really important when you're getting a technical education that you also learn about things involving history or sociology or economics, things like that.

Cindy: I want to switch just a little bit, because we're trying to fix the internet here and I want to hear your vision of what it looks like if we get this right. I want to live in that world. What does that world look like from where you sit?

James: Well, a key aspect of that world is that I have been nominated as the philosopher king.

Cindy: Cool.

James: And that's the first thing and really everything sort of follows.

Danny: We'll get right on that.

James: Good to see everyone agrees with it.

Cindy: Yeah.

James: Yeah. Thank you. Thank you. So I think we've sort of hinted at one of the things that needs to change in my opinion, which is the way that "technical education" is carried out. A lot of engineers go through their formal engineering training and they're taught things like calculus and linear algebra. They learn about various programming languages. They learn how to design algorithms that run quickly. These are all obviously very important things, but they oftentimes don't receive in that formal education an understanding of how the artifacts that they build will interact with larger society. And oftentimes they don't receive enough education in what are sort of the historical and social and economic trends independent of technology, that have existed for hundreds or thousands of years that you should really think about if you want to create technology that helps the common good.

Cindy: And the other thing I hear in this is community involvement, right? The people who are going to be impacted by the artifact you build need to be some of the people you listen to: you go to the neighborhoods where this might be applied, or you talk to the people who are trying to figure out how to get a mortgage, and you begin to understand what the world looks like in shoes that are not yours.

Are there any places in machine learning where you think that people are starting to get it right or is it still just a wasteland of bad ideas?

Danny: Allegedly.

James: It is. Yeah. The wasteland word is, I still think, generally applicable, but people are starting to awaken. People are starting to look at notions of, can we rigorously define transparency in terms of explaining what these algorithms do? Can we sort of rigorously think about bias and how we might try to address that algorithmically in collaboration with people. The field is starting to get better. I think there is still a lot of pressure to "innovate". There's still pressure to publish a lot of papers, get your cool new ML technology out there, how else am I going to get venture capital, things like this. So I think there's still a lot of pressure towards not being thoughtful, but I do see that changing.

Danny: So one of the things that we've seen in other podcast interviews is that actually we are going to have to go and redo some of the fundamentals because we're building on weak foundations, that we didn't think about computer security when we first started writing operating systems for general use and so forth. Do you think that's part of this as well? Not only do we have to change what we're going to do in the future, but we actually have to go and redo some stuff that engineers made in the past?

James: I think it speaks to these larger issues of tech debt, which is a term that you may have heard before: this idea that we've already built a bunch of stuff, and so it's hard for us to go back and then fix it, for some definition of fix. So would you prefer us to just tackle that problem and not innovate further, or would you prefer... What should we do? I think you're right about that. That is an important thing. If you look at, for example, how a lot of the internet protocols work, or how a lot of banking protocols work, or systems for doing airline reservations, in some cases this code is COBOL code. It came from the stone age, at least in computer science terms.

And the code is very creaky. It has security problems. It's not fast in many cases. But would society tolerate no flights for a year, let's say, while we go back and modernize that stuff? The answer is no, obviously. So as a result, we kind of creak forward. If you think about the basic core internet infrastructure, when it was designed, roughly speaking, it was like a small neighborhood. Most people on the internet knew everybody. Why would Sally ever try to attack my computer? I know her, our kids go to the same school, that would just be outrageous. But now we live in a world where the Internet's pervasive. That's good, but now everyone doesn't know everyone, and there are bad actors out there. So we can try to add security incrementally; that's what HTTPS does. The S stands for secure, right? We can try to layer security on top of these creaky ships, but it's hard. I think a lot of our software and hardware artifacts are like that.

It's really getting back, I think, to Cindy's question too, about what I would want to see improved about the future. I always tell this to my students, and I wish more people would think about this: it's easier to fix problems early, rather than later. That seems like a very obvious thing that Yoda would say, but it's actually quite profound, because once you get things out in the world, and once they get a lot of adoption, changing any little thing about them becomes this huge exercise. And so it's really helpful to be thoughtful at the beginning, in the design process.

Cindy: You've thought a little bit of about how we could get more thoughtfulness into the design process. And I'd love for you to talk about some of those ideas.

James: Sure. One thing that I'm really proud of working on is this embedded ethics program that we have at Harvard, and that's starting to be adopted by other institutions. And it gets back to this idea of what it means to train an engineer. What we're trying to do in this program is ensure that in every class a computer scientist takes, there'll be at least one lecture that talks about ethical considerations, concerns involving people and society and the universe, that are specific to that class. Now, I think the specific-to-that-class part is very important, right? Because I think another thing that engineers sometimes get confused about is they might say, oh, well, these ethical concerns are only important for machine learning.

I get it, machine learning interacts with people, but it's not important for people who build data centers. Why should I care about those things? But let's interrogate that for a second. Where do you build a data center? Well, data centers require a lot of power. So where is that electricity going to come from? How is that electricity going to be generated? What is the impact on the surrounding community? Things like this. There are also these interesting geopolitical concerns. How many data centers should we have in North America versus Africa? What does the decision we come to say about how we value different users in different parts of the world?

As computer scientists, we have to accept this idea: we don't know everything. Close to everything, maybe, but not everything, right? And so one of the important aspects of this embedded ethics program is that we bring in philosophers, collaborate with them, and use their knowledge to ground our discussions of these philosophical challenges in computer science.

Cindy: Do you have any success stories yet, or is it just too early?

James: Well, some of the success stories involve students saying, I was thinking about going to company X, but now I've decided not to go there, because I've actually thought about what these companies are doing. I'm not here to name or shame, but suffice it to say that I think that's a really big metric for success. And we're actually trying to look at assessment instruments, talk to people from sociology or whatnot who know how to assess effectiveness, and then tweak pedagogical programs to make sure that we're actually having the impact that we want.

Cindy: Well, I hope that means that we're going to have a whole bunch of these students beat a path to EFF's door and want to come and do tech for good with us, because we've been doing it longer than anyone.

Danny: “How to Fix the Internet” is supported by The Alfred P. Sloan Foundation’s Program in Public Understanding of Science. Enriching people’s lives through a keener appreciation of our increasingly technological world and portraying the complex humanity of scientists, engineers, and mathematicians.

Cindy: We're landing some societal problems on the shoulders of individual computer scientists and expecting them to incorporate a lot of things that are really built into our society, like the venture capital interest in creating new products as quickly as possible, the profit motive, these other things. And I'm just wondering how well poor little ethics can do standing up against some of these other forces.

James: I think the high-level prompt here is: late-stage capitalism, what do we do about it?

Cindy: Fair enough.

James: You are right there. And alas, I don't have immediate solutions to that problem.

Cindy: But you're supposed to be the philosopher king, my friend.

James: Fair enough. So you're right. I think there's not some magic trick we can do where we say, oh, well, we'll just teach computer scientists ethics and then all of a sudden the incentives for VCs will change, because the incentives for VCs are to make a lot of money, frequently a lot of money over the short term. They are not incentivized by the larger economy to act differently. But I think that the fact that better-trained engineers can't solve all problems shouldn't prevent us from trying to help them solve some problems.

I think that there's a lot of good that those types of engineers can do and try to start changing some of these alignments. And there's a responsibility that should come with making products that affect potentially millions of people. So I sometimes hear this from students though. You're exactly right. Sometimes they'll say it's not my job to change sort of the larger macroeconomic incentive structures that make various things happen.

But then I say, well, what are some of the biggest drivers of those macroeconomic incentive structures? It's tech companies. When you look at stock market valuations and economic influence, it's these companies that you, the student, will be going to, that are helping to shape these narratives. And also, it's you, the students: you'll go out, you'll vote, you'll think about ballot referendums, things like that. So there are things that we all have the responsibility to think about and to do individually, even though no one of us can just snap our fingers and make the change be immediate. We have to do that, because otherwise society falls apart.

Danny: So some of this discussion assumes that we have like universal ethics that we all agree on, but I think there's always, I mean, part of the challenge in society is that we have room to disagree. Is there a risk that if we inject this sort of precautionary principle into what we are doing, we're actually missing out on some of the benefits of this rapid change? If we hold back and go, well, maybe we shouldn't do this, we're excluding the chance that these things will actually make society much, much better for everyone?

James: As an engineer trying to design a system to be "value neutral", that in and of itself is an ethical decision. You've made the decision to say like not considering social or economic factors X, Y, and Z is the right thing to do. That is an ethical decision. And so I think a lot of engineers though, they fall into that fallacy. They say, well, I'm just going to focus on the code. I'm just going to focus on the thing I'm going to build. And it'll be the users of that software that have to determine how to use it ethically or not.

But that argument just doesn't work. The mere fact that people may disagree over values does not absolve us of the responsibility of thinking about those values nonetheless.

Cindy: To me, that's especially true in a situation in which you're building something that's going to impact people who aren't involved in building it, right? I mean, you can build your own machine learning to tell you what you want about your life, and I don't have much to say about that. But a lot of these systems are making decisions for people who have no input whatsoever into how these things are being built, no transparency into how they're working, and no ability to really interrogate the conclusions that are made. And to me, that's where it gets the riskiest.

James: I often turn to existential philosophy in cases like this. For the listeners who aren't familiar with philosophy, or think that it's all very obtuse, that's true about some of it. But if you read the existentialists, it's quite beautiful, a lot of the prose. It's just really fun to read, and it has these really impactful observations. And one of my favorite passages is from this guy, Kierkegaard. And Kierkegaard's talking about sort of like this burden of choice that we have. And he has this really beautiful metaphor where he says we are each the captain of our own ship.

And even if we choose not to put our hand on the rudder to point the ship in some direction, the wind will nevertheless push us towards some shore. And so in deciding where you want to go, you make a decision. If you decide not to make an active decision about where to sail your boat, you're basically deciding I will let the wind tell me where to go. The metaphor is telling us that your boat's still going to go in some direction even if you don't actively become the captain of it.

And I think about that a lot, because a lot of engineers want to abdicate the responsibility of being the captain of their own boat. And they say, I'm just going to focus on the boat, and that's it. But in this metaphor, society and built-in biases and things like that, those are the winds. Those are the currents. And they're going to push your product, they're going to push your software towards some shore, and that's going to happen regardless of whether you think it will or not. So we really have this responsibility to choose and decide.

Danny: I hate to follow Kierkegaard with Stan Lee, but isn't that "with great power comes great responsibility"? And I wonder if part of these ethical discussions is whether that's not the problem: that you are asking engineers and the creators of this technology to make ethical decisions that will affect the rest of society. And the problem is that actually it should be the rest of society that makes those decisions, and not the engineers. Maybe the harder work is to spread that power more equally and give everyone a little element of being an engineer, so that they can change the technology in front of them.

James: I think that what you're talking about, at a broad level, is governance. How do we do governance of online systems? And it's a mess right now. It's a combination of internal company policies, which are not made public; external, that is to say publicly visible, policies; regulation; and the behavior of individual users on the platform. And it's a big mess, because I think that right now, a lot of times what happens is a disaster happens, and then all of a sudden there's some movement by both the companies and maybe regulators to change something, and then that'll be it for a bit. And then things kind of creak along until another disaster happens. So it'd be nice to think, in a more systemic way, about how we should govern these platforms.

Cindy: As a free speech, Fourth Amendment lawyer, I'd say that having governments have more say over the things that we say and over our privacy, well, that hasn't always worked out all that well for individual rights either, right? But we have these gigantic companies. They have a lot of power, and it's reasonable to think, well, what else has a lot of power that might be able to be a check on them? Well, there's government. And that's all true, but the devil really is in the details, and we worry as much about bad corporate behavior as we do about bad governmental behavior. You have to think about both.

Cindy: So let's say you're the philosopher king, or we're in your great new world. What does it look like for me as a user in this future world?

James: I think one important aspect is more transparency about how your data is used, who it gets shared with, what is the value that companies are getting from it. And we're moving a little bit in that direction slowly but surely. Laws like GDPR, CCPA, they're trying to slowly nudge us in this direction. It's a very hard problem though, as we all know. I mean, engineers may not fully understand what their systems do. So then how are they going to explain that in a transparent way to users. But in sort of this utopia, that's an important aspect of online services. There's more transparency in how things work. I think there's also more consent in how things work. So these things go hand in hand. So users would have more of an ability to opt into or opt out of various manipulations or sharings of their data.

Once again, we're starting to get a little bit closer to that. I think we can do much, much more. In terms of content moderation, and this is going to be tricky, it's going to be hard, this speaks to Cindy's observation that we can't fully trust government or the companies. But in my opinion, and I'm the philosopher king in this experiment, what I want is a floor that defines minimal standards for protections against hate speech, harassment, things like that. Of course the devil's in the details. But I think that's actually something we don't really have right now. There's also this important aspect of having educated citizens, right? So, more technical education and technical literacy for laypeople, so that they can better understand the consequences of their actions.

Cindy: That we know what choices we're making, we're in charge of these choices and have actual choices, I think are all tremendously important. EFF has worked a lot around adversarial interoperability and other things which are really about being able to leave a place that isn't serving you. And to me, that's got to be a piece of the choice. A choice that doesn't really let you leave is not actually a choice.

James: As you may know, there have been some recent proposals that want to solve this portability issue essentially by saying, let's have users store all their data on user owned machines and then the companies have to come to us for permission to use that data. There's a sort of push and pull there in terms of, on the one hand wanting to give people literal power over their data, such that it's actually their machines that are storing it versus saying, well, if I look at like the computers that are administered by my relatives, for example, who are not computer scientists, these computers are offline all the time. They've got like terrible, ridiculous programs on them. They're not reliable. Now in contrast, you look at a data center, that's administered by paid professionals whose job it is to keep those machines online. So there's an advantage to using that model.

Do we want to still keep our data in centralized places, but then make sure there's plumbing to move stuff between those centralized places or do we want to, in the extreme, go towards this peer to peer decentralized model and then lose some of the performance benefits we get from the data center model?

Cindy: That's a good articulation of some of the trade-offs here. And of course the other way to go is kind of on the lawyer side of things is a duty of care that people who hold your data have a fiduciary or something similar kind of duty to you in the same way that your accountant or lawyer might have. So they have your data, but they don't have the freedom to do with it what they want. In fact, they're very limited in what they can do with it.  I feel very optimistic in a certain way that there are mechanisms on the technical side and the non-technical side to try to get us to this kind of control. Again, none of them are without trade-offs, but they exist all across the board.

James: Yes. And I think an interesting area of research, it's an area that I'm a bit interested in myself, is what are specific technical things that software developers can do to provide obvious compliance with legal regulations. Because these laws, they're just like any human creation. They can be vague or ambiguous in some cases, they can be difficult to implement. 

And I think that part of this gets down to having these different communities talk to each other. One reason it's difficult for computer scientists to write code that complies with legal requirements is that we don't understand some of these legal requirements. The lawyers need to learn a little bit more about code and the computer scientists need to learn a little bit more about the law.

Cindy: It's also the case, of course, that sometimes laws get written without a clear idea of how one might reduce it to ones and zeros. And so that may be a bug if you're a computer scientist, it might be a feature if you're a lawyer, right? Because then we let judges sort out in the context of individual situations what things really mean. 

James: So one of the gifts of the philosopher king is to lure people out from under these semantic morasses.

Cindy: Thank you so much, king.

James: No problem of course. It's been great sitting here chatting with you. Let me return back to my kingdom.

Danny: James Mickens, thank you very much.

James: Thank you.

Cindy: Well, James teaches computer science at Harvard, so it's right that his focus is on education and personal ethics and transparency. This is the work of the computer scientists. And I appreciate that he's working and thinking hard about how we build more ethical builders and also that he's recognizing that we need to kind of move beyond the silos that computer science often finds itself in and reach out to people with other kinds of expertise, especially philosophy. But we also heard from him about the importance of the role of the impacted community, which is something we've heard over and over again in this podcast and the need to make sure that the people who are impacted by technology understand how it works and have a voice.

Danny: It wasn't just a literally academic kind of discussion. He had some practical points too. For instance, if we do need to improve things and fix things, we've found some ways of making incremental security improvements, like HTTPS, but some fixes really have to overcome a lot of tech debt. And I don't think we're going to be in a situation where we can ask people not to book airplane tickets while we fix the fundamentals, which again points to what he's saying: we need to get this stuff right earlier rather than later in the process.

Cindy: And I loved hearing about this embedded ethics program that he's working on at Harvard and at other places and the idea that we need to build ethics into every class and every situation, not just something we tack on separately at the end, I think is a very good start. And of course, if it leads to a line of students who want to do ethical tech beating their way to EFFs doors, that would be an extra bonus for us.

Danny: It does make everything a little bit more complicated to think of ethics and the wider impact. I mean, I did take on board his comparison of the ease of building a centralized internet, which might have deleterious effects on society, with the obvious solution, which is to decentralize things. But you have to make that just as easy to use for the end user, and as somebody who's hacking away trying to build a decentralized web, that's something I definitely took personally and will take on board.

Cindy: There's trade-offs everywhere you go. And I think in that way, James is just a true educator, right? He's requiring us all to look at the complexities in all directions so that we can really bring all those complexities into thinking about the solutions we embrace. After this conversation, I kind of want to live in the world where James is our philosopher king.

Danny: Thanks to you, James Mickens, our supreme leader, and thank you for listening today. Please visit eff.org/podcast for other episodes, or to become a member. Members are the only reason we can do this work. Plus you can get cool stuff like an EFF hat or an EFF hoodie, or even an EFF camera cover for your laptop. Music for How to Fix the Internet was created for us by Reed Mathis and Nat Keefe of BeatMower. This podcast is licensed Creative Commons Attribution 4.0 International, and includes music licensed under the Creative Commons Attribution 3.0 Unported license by their creators. You can find those creators' names and links to their music in our episode notes or on our website at eff.org/podcast. How to Fix the Internet is supported by the Alfred P. Sloan Foundation's Program in Public Understanding of Science and Technology. I'm Danny O'Brien.

Cindy: And I'm Cindy Cohn.



James Mickens is a professor of computer science at the Harvard School of Engineering and Applied Sciences and a director at the Berkman Klein Center for Internet and Society. He studies how to make distributed systems faster, more robust, and more secure; much of his work focuses on large-scale web services, and how to design principled system interfaces for those services. Before Harvard, he spent seven years as a researcher at Microsoft; he was also a visiting professor at MIT. Mickens received a B.S. from the Georgia Institute of Technology and a Ph.D. from the University of Michigan, both in computer science.

Josh Richman

EFF and Other Civil Society Organizations Issue Report on Danger to Digital Rights in Ola Bini Trial

1 week 1 day ago

In preparation for what may be the final days of the trial of Ola Bini, an open source and free software developer arrested shortly after Julian Assange's ejection from Ecuador’s London Embassy, civil society organizations observing the case have issued a report citing due process violations, technical weaknesses, political pressures, and risks that this criminal prosecution entails for the protection of digital rights. Bini was initially detained three years ago and previous stages of his prosecution had significant delays that were criticized by the Office of the Inter-American Commission on Human Rights (IACHR) Special Rapporteur for Freedom of Expression. An online press conference is scheduled for May 11th, with EFF and other organizations set to speak on the violations in Bini's prosecution  and the danger this case represents. The trial hearing is set for May 16-20, and will most likely conclude next week. If convicted, Bini's defense can still appeal the decision.

What’s Happened So Far

The first part of the trial against Ola Bini took place in January. In this first stage of testimony and expert evidence, the court repeatedly called attention to various irregularities and violations of due process by the prosecutor in charge. Human rights groups observing the hearing emphasized the flimsy evidence provided against Bini and serious flaws in how the seizure of his devices took place. Bini's defense stressed that the raid happened without him present, and that seized encrypted devices were examined without following procedural rules and safeguards.

These are not the only problems with the case. Over two years ago, EFF visited Ecuador on a fact-finding mission after Bini’s initial arrest and detention. What we found was a case deeply intertwined with the political effects of its outcome, fraught with due process violations. EFF’s conclusions from our Ecuador mission were that political actors, including the prosecution, have recklessly tied their reputations to a case with controversial or no real evidence. 

Ola Bini is known globally as someone who builds secure tools and contributes to free software projects. Bini’s team at ThoughtWorks contributed to Certbot, the EFF-managed tool that has provided strong encryption for millions of websites around the world, and most recently, Bini co-founded a non-profit organization devoted to creating user-friendly security tools.

What Bini is not known for, however, is conducting the kind of security research that could be mistaken for an “assault on the integrity of computer systems,” the crime for which he was initially investigated, or “unauthorized access to a computer system,” the crime of which he is now accused (after prosecutors changed the charges). In 2019, Bini's lawyers counted 65 violations of due process, and journalists told us at the time that no one was able to provide them with concrete descriptions of what he had done. Bini's initial imprisonment ended after a decision that considered his detention illegal, but the investigation continued. The judge was later "separated" from the case in a ruling that admitted the wrongdoing of successive pre-trial suspensions and the violation of due process.

Though a judge decided in last year’s pre-trial hearing to proceed with the criminal prosecution against Bini, observers noted the lack of sound reasoning behind the judge's decision.

A New Persecution

A so-called piece of evidence against Bini was a photo of a screenshot, supposedly taken by Bini himself and sent to a colleague, showing the telnet login screen of a router. The image is consistent with someone who connects to an open telnet service, receives a warning not to log on without authorization, and respects that warning by not proceeding. As for the portion of a message exchange attributed to Bini and a colleague, leaked along with the photo, it shows their concern that the router was insecurely open to telnet access from the wider Internet, with no firewall.
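As a technical aside, a telnet service sends its greeting before any authentication happens, so anyone who connects sees the banner. The sketch below is illustrative only: it uses a hypothetical banner string and a local stand-in server rather than any real router.

```python
import socket
import threading

# Hypothetical banner text -- real routers send their own warning of this kind.
BANNER = b"WARNING: Unauthorized access to this system is prohibited.\r\nlogin: "

def banner_server(port_holder, ready):
    """Local stand-in for a router whose telnet port is open to the Internet."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # bind to any free port
    srv.listen(1)
    port_holder.append(srv.getsockname()[1])
    ready.set()
    conn, _ = srv.accept()
    conn.sendall(BANNER)            # the greeting is sent before any login attempt
    conn.close()
    srv.close()

def read_banner(host, port, timeout=5.0):
    """Connect, read the service's greeting, and disconnect without ever
    sending credentials -- the behavior the screenshot is consistent with."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return s.recv(4096).decode(errors="replace")

if __name__ == "__main__":
    port_holder, ready = [], threading.Event()
    threading.Thread(target=banner_server, args=(port_holder, ready),
                     daemon=True).start()
    ready.wait()
    print(read_banner("127.0.0.1", port_holder[0]))
```

Receiving such a banner shows only that the port was reachable; no credentials have been sent, and no login has occurred.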

Between the trial hearing in January and its resumption in May, Ecuador's Prosecutor's Office revived an investigation against Fabián Hurtado, the technical expert called by Ola Bini's defense to refute the image of the telnet session and who is expected to testify at the trial hearing.

On January 10, 2022, the Prosecutor's Office filed procedural fraud charges against Hurtado. There was a conspicuous gap between this charge and the last investigative step prosecutors took against Hurtado: the raid on his home almost 20 months earlier, in which police claimed that he had “incorporated misleading information in his résumé.” The raid was violent and irregular, and Amnesty International considered it an attempt to intimidate Ola Bini's defense. One of the pieces of evidence against Hurtado is the document by which Bini’s lawyer, Dr. Carlos Soria, included Hurtado’s technical report in Bini's case file.

Hurtado's indictment hearing was held on February 9, 2022. The judge opened a 90-day period of investigation which is about to end. As part of this investigation, the prosecutor's office and the police raided the offices of Ola Bini's non-profit organization in a new episode of due process violations, according to media reports.

Civil Society Report and Recommendations

Today’s report, by the organizations gathered in the Observation Mission of Bini's case, is critical reading for all participants and for others concerned about digital rights around the world. There is still time for the court to recognize and correct the irregularities and technical weaknesses in the case. The report highlights the key issues that the judicial authorities examining the case should take into consideration.

In particular, the report notes, the accusations have failed to demonstrate a consistent case against Ola Bini. Irregularities in court procedures and police action have affected both the speed of the procedure and due process of law in general. In addition, accusations against Bini show little technical knowledge, and could lead to the criminalization of people carrying out legitimate activities protected by international human rights standards. This case may lead to the further persecution of the so-called "infosec community" in Latin America, which is made up primarily of security activists who find vulnerabilities in computer systems, carrying out work that has a positive impact on society in general. The attempt to criminalize Ola Bini already shows a hostile scenario for these activists and, consequently, for the safeguard of our rights in the digital environment.

Moreover, these activists must be guaranteed the right to use the tools necessary for their work—for example, the importance of online anonymity must be respected as a premise for the exercise of several human rights, such as privacy and freedom of expression. This right is protected by international Human Rights standards, which recognize the use of encryption (including tools such as Tor) as fundamental for the exercise of these rights.

These researchers and activists protect the computer systems on which we all depend, and protect the people who have incorporated electronic devices into their daily lives, such as human rights defenders, journalists and activists, among many other key actors for democratic vitality. Ola Bini, and others who work in the field, must be protected—not persecuted.

Jason Kelley

Thomson Reuters to Review Human Rights Impact of its Data Collection for ICE

1 week 1 day ago

EFF, along with many other organizations, has loudly sounded the alarm about data brokers and the myriad ways they can collect data on unsuspecting users, as well as the numerous dangers of public-private surveillance partnerships. One of the companies that has sometimes flown under the radar, however, is the Canada-based media conglomerate Thomson Reuters.  But after coming under increasing criticism for its provision of surveillance technologies to and contracts with U.S. Immigration and Customs Enforcement (ICE), the company has announced it will conduct a company-wide human rights assessment of its products and services. This comes on the heels of multiple years of investor activism where a minority shareholder, the BC General Employees’ Union (BCGEU), joined the Latinx rights organization Mijente in urging Thomson Reuters to cut its ties with ICE.

The union issued a blog post about the decision, stating that “Thomson Reuters contracts with ICE have a total value exceeding $100m USD. The contracts are to provide data brokerage services that help the U.S. agency target undocumented immigrants for detention and deportation. The company, via its Consolidated Lead Evaluation and Reporting (CLEAR) software, amassed data from private and public databases on individuals, like social media information, names, emails, phone data, license plate scans, utility bills, financial information, arrest records, insurance information, employment records, and much more.”

In addition, the CLEAR program provided Automated License Plate Reader (ALPR) data collected by Vigilant Solutions to ICE. EFF has long been monitoring the widespread use of Vigilant Solutions and ALPR data by law enforcement. The use of ALPR data to further human rights abuses is a particularly troubling application of this invasive technology.

BCGEU’s capital markets advisor Emma Pullman told The Verge: “[Thomson Reuters] has realized that investors are quite concerned about this, and that the public are increasingly very concerned about data brokers. In that kind of perfect storm, the company has had to respond.”

While welcome, an investigation of the impact of providing surveillance technologies to human rights abusers is not itself enough. ICE’s human rights record is both horrific and well-documented. This investigation should not be used to rubber-stamp existing contracts with ICE, no matter how lucrative they may be.

Bill Budington

SafeGraph’s Disingenuous Claims About Location Data Mask a Dangerous Industry

1 week 4 days ago

On Tuesday, Motherboard reported that data broker SafeGraph was selling location information “related to visits to clinics that provide abortions including Planned Parenthood facilities.” This included where people came from and where they went afterwards.

In response, SafeGraph agreed to stop selling data about Planned Parenthood visitors. But it also defended its behavior, claiming “SafeGraph has always committed to the highest level of privacy practices ensuring individual privacy is NEVER compromised.” The company, it continued, “only sell[s] data about physical places (not individuals.)”

This framing is misleading. First, SafeGraph for years did sell data about individuals—and then remained closely tied to a business that still did so. Second, the aggregated location data that SafeGraph now sells is based on the same sensitive, individual location traces that are collected and sold without meaningful consent. 

SafeGraph’s History of Privacy Violations

Last year, EFF reported public records showing that SafeGraph had sold 2 years of “disaggregated, device-specific” location data about millions of people to the Illinois government, starting in January 2019.

Older materials about SafeGraph indicate that it used to offer a product called “Movement Panel.” A 2017 blog post from two people at SafeGraph describes Movement Panel as a “database of ultra-accurate GPS-location data that comes from anonymized mobile devices.” It also describes how SafeGraph used “the bidstream”—that is, data siphoned from the millions of apps that solicit ads on the open market through real-time bidding. Use of bidstream data is considered ethically dubious even within marketing circles, in part because it is nearly impossible to get knowing consent when data is shared and sold among hundreds of unseen parties.

It’s entirely possible that SafeGraph itself no longer sells this kind of data. But that’s not the whole story.

In 2019, SafeGraph spun off a company called Veraset, and the two companies remained tight. In 2020, Quartz reported that “[SafeGraph] says it gets mobility data from providers like its spin-off Veraset, which own the relationships with the apps that gather its data (Veraset doesn’t share the names of the apps with SafeGraph).” Founder Auren Hoffman and other SafeGraph employees have also used SafeGraph forums to direct potential customers to Veraset for specific data needs.

Veraset sells raw, disaggregated, per-device location data. Last year, EFF received records showing how Veraset gave a free trial of such data to officials in Washington, D.C., as well as other unnamed agencies. Veraset offers a product called “Movement”. As the company explains it: “Our core population human movement dataset delivers the most granular and frequent GPS signals available in a third-party dataset. Unlike other data providers who rely on one SDK, we source from thousands of apps and SDKs to avoid a biased sample.” (“SDK” means a “software development kit” embedded in a mobile app, which can be used to gather location data.)

In sum, Veraset is in the business of selling precise, ping-level location data from the smartphones of millions of people. SafeGraph itself was in this business until it spun those services off to Veraset. And after the spin-off, SafeGraph continued to acquire data from Veraset and steer business there. A corporate restructuring does not make anyone safer: highly invasive data about millions of people is still up for sale, putting vulnerable people at serious risk.

The “Places Not People” Fallacy

With that context in mind, let’s consider SafeGraph’s claim that it “only sells data about physical places (not individuals).” However the company frames it, the data is about people. SafeGraph’s data comes from mobile devices carried by human beings, and it represents large portions of their daily movements, habits, and routines. Marketers, transportation departments, law enforcement, and others are only interested in location data because it reveals things about the people who visit those locations.

When location data is disaggregated and device-specific (as in SafeGraph’s contract with Illinois), it is effectively impossible to “de-identify.” Information about where a person has been is usually enough, by itself, to re-identify them. For example, someone who travels frequently between a given office building and a single-family home is probably unique in those habits, and therefore identifiable by cross-referencing readily available sources. One widely cited study from 2013 found that researchers could uniquely characterize 50% of people using only two randomly chosen time and location data points.
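To see why so few points suffice, consider a toy sketch. Every device id, place name, and ping below is fabricated purely for illustration:

```python
# Fabricated location traces: device id -> list of (hour, place) pings.
traces = {
    "device_a": [(8, "oak_st_home"), (9, "main_st_office"), (18, "gym")],
    "device_b": [(8, "elm_st_home"), (9, "main_st_office"), (19, "cafe")],
    "device_c": [(8, "oak_st_home"), (10, "clinic"), (18, "cafe")],
}

def devices_matching(points):
    """Return every device whose trace contains all the given (hour, place) points."""
    return [d for d, pings in traces.items() if all(p in pings for p in points)]

# One point can be ambiguous: two devices were at the Oak St home at 8am...
print(devices_matching([(8, "oak_st_home")]))
# ...but two points together already single out one device.
print(devices_matching([(8, "oak_st_home"), (9, "main_st_office")]))
```

With real data sets containing thousands of pings per device, the overlap between any two people's traces shrinks even faster, which is what the 2013 study quantified.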

A national security contractor that peddles the same kind of data relies on its specificity. As one spokesperson said during a live demonstration, “If I’m a foreign intel officer, I don’t have access to things like the agency or the fort, I can find where those people live, I can find where they travel, I can see when they leave the country.” 

Aggregation of location data can sometimes preserve individual privacy, depending on appropriate aggregation parameters and choices. Factors include the number of people and phone pings in the data set, and the granularity of the location described (such as square miles versus square feet). But no privacy-preserving aggregation protocols can justify the initial collection of location data from people without their voluntary opt-in consent, especially when that location data is then exploited for profit. Sensitive data should only be collected and used with specific, informed consent, and we must reserve the right to withdraw that consent at any time. Data brokers like SafeGraph do not meet these standards.
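One common aggregation safeguard is a minimum-count threshold: publish a per-place count only when at least k distinct devices appear in the group. The sketch below uses fabricated pings and an illustrative k; real deployments need far more care (noise addition, outlier handling, and, above all, consent to the underlying collection):

```python
from collections import defaultdict

# Fabricated per-device pings: (device_id, grid_cell, hour).
pings = [
    ("d1", "cell_12", 9), ("d2", "cell_12", 9), ("d3", "cell_12", 9),
    ("d4", "cell_12", 9), ("d5", "cell_12", 9),
    ("d6", "cell_47", 9),  # a lone visitor: publishing this count re-identifies them
]

def aggregate(pings, k=5):
    """Count distinct devices per (cell, hour), suppressing groups below k."""
    groups = defaultdict(set)
    for device, cell, hour in pings:
        groups[(cell, hour)].add(device)
    return {key: len(devs) for key, devs in groups.items() if len(devs) >= k}

print(aggregate(pings))  # only the five-device group survives suppression
```

Note that this protects only the published output: the raw, per-device pings still exist upstream, which is why aggregation alone cannot justify the initial collection.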

What Can We Do?

Users who are concerned about tracking by data brokers can take simple steps to reduce their exposure.

Read our new guide to digital safety and privacy tips for people involved in abortion access, as well as our Surveillance Self-Defense playlist for reproductive healthcare providers, seekers, and advocates. You can also check out more information on creating a personal security plan, attending a protest, and location tracking on mobile phones.

To start, disable the advertising ID on your phone, which is the primary key that brokers use to link data to individuals. (Here’s how on Android and iOS.) Disable location permissions for apps you don’t trust, and generally audit the permissions that third-party apps are granted. Use a browser that respects your privacy, like Safari or Firefox, and install a tracker blocker like Privacy Badger for extra protection. 

If you live in California, you can file a “right to know” request with SafeGraph and Veraset to see what information they have about you. You can also exercise your right to opt out of sale and request that the companies delete your personal information. Unfortunately, SafeGraph and Veraset are just two of the hundreds of data brokers that profit from personal information: you can see a list of brokers, and find out how to exercise your rights, at the California attorney general’s registry. Nevada residents can also request that the brokers refrain from selling their data in the future.

If you are a sitting member of Congress, you can pass a comprehensive privacy law to stop this invasive business model once and for all.

Bennett Cyphers

The Movement to Ban Government Use of Face Recognition

1 week 5 days ago

In the hands of police and other government agencies, face recognition technology presents an inherent threat to our privacy, free expression, information security, and social justice. Our faces are unique identifiers that can’t be left at home, or replaced like a stolen ID or compromised password. The technology facilitates covert mass surveillance of the places we frequent, people we associate with, and, purportedly, our emotional state.

Fortunately, communities across the country are fighting back. In the three years since San Francisco passed its first-of-a-kind ban on government use of face recognition, at least 16 more municipalities, from Oakland to Boston, have followed its lead. These local bans are necessary to protect residents from harms that are inseparable from municipal use of this dangerous technology.

The most effective of the existing bans on government face surveillance have crucial elements in common. They broadly define the technology, provide effective mechanisms for any community member to take legal enforcement action should the ordinance be violated, and limit the use of any information acquired in an inadvertent breach of the prohibition.

There are, however, important nuances in how each ordinance accomplishes these goals. Here we will identify the best features of 17 local bans on government use of face recognition. We hope this will help show authors of the next round how best to protect their communities.

You can press the play button below to see a map showing the 17 communities that have adopted these bans.

[Embedded interactive Google Map (click to play) showing the 17 communities that have adopted these bans. Privacy info: the embed serves content from google.com.]

Here is a list of these 17 communities:


Definition of “face recognition”

Particular consideration must be given in any tech-related legislation to defining which tools and applications are, and are not, intended to be covered. Complicating that challenge is the need to define the relevant technology broadly enough to ensure that emerging capabilities are captured, while not inadvertently sweeping in technologies and applications that should fall outside the bill's scope.

Here, many forms of government use of face recognition technology may present significant threats to essential civil liberties. They may also exacerbate bias. Today, the most widely deployed class of face recognition is often called “face matching.” This can be used for “face identification,” that is, an attempt to link photographs of unknown people to their real identities. For example, police might take a faceprint from a new image (e.g., taken by a surveillance camera) and compare it against a database of known faceprints (e.g., a government database of ID photos). It can also be used for “face verification,” for example, to determine whether a person may have access to a location or device. Other forms of face matching include “face clustering,” or automatically assembling together all the images of one person, and “face tracking,” or automatically following a person’s movements through physical space. All of these threaten digital rights.
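Both face identification and face verification boil down to comparing “faceprints,” typically embedding vectors produced by a neural network. The sketch below uses fabricated three-dimensional vectors and an arbitrary similarity threshold purely to illustrate the one-to-many versus one-to-one distinction:

```python
import math

# Fabricated "faceprints" -- real systems use high-dimensional neural embeddings.
known_faces = {
    "id_photo_001": [0.9, 0.1, 0.3],
    "id_photo_002": [0.2, 0.8, 0.5],
}

def cosine_similarity(a, b):
    """Standard cosine similarity between two vectors."""
    dot = sum(x * y for x, y in zip(a, b))
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(x * x for x in b))
    return dot / (na * nb)

def identify(probe, database, threshold=0.9):
    """Face identification: one-to-many search of a probe against known faceprints."""
    best = max(database, key=lambda k: cosine_similarity(probe, database[k]))
    return best if cosine_similarity(probe, database[best]) >= threshold else None

def verify(probe, enrolled, threshold=0.9):
    """Face verification: one-to-one check, e.g. unlocking a device."""
    return cosine_similarity(probe, enrolled) >= threshold

probe = [0.88, 0.12, 0.31]                         # a new image's faceprint
print(identify(probe, known_faces))                # matches id_photo_001
print(verify(probe, known_faces["id_photo_002"]))  # False: not the same person
```

Face clustering and face tracking apply the same comparison across many images or camera frames, which is why a definition needs to be broad enough to cover them all.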

Another application of face recognition is “face analysis,” also known as “face inference,” which proponents claim can identify demographic traits, emotional state, and more based on facial features. This invites additional bias, and suggests a return to the age of phrenology.

Bans on government use of face recognition must be drawn broadly enough to address all of these threats. Fortunately, many of the existing bans follow Boston’s example in defining face surveillance and face surveillance systems as:

“Face surveillance” shall mean an automated or semi-automated process that assists in identifying or verifying an individual, or in capturing information about an individual, based on the physical characteristics of an individual's face.

“Face surveillance system” shall mean any computer software or application that performs face surveillance.

Critically, these definitions are not limited just to face identification and face verification, but extend also to other technologies that use face characteristics to capture information about people.

Oakland, California offers another strong example:

“Face Recognition Technology” means an automated or semi-automated process that: (A) assists in identifying or verifying an individual based on an individual's face; or (B) identifies or logs characteristics of an individual's face, head, or body to infer emotion, associations, expressions, or the location of an individual.

Notably, it extends beyond face characteristics to also cover head and body characteristics. It thus captures many current uses and future-proofs the ordinance against some of the most concerning emerging uses of biometric data.

Importantly, each definition effectively captures the intended technology and applications, while not inadvertently capturing less-concerning practices such as ordinary film, video, and still photography.

Don’t use it, don’t outsource it

While it is critical that cities ban their own agencies from acquiring and using face recognition technology, this alone is not enough to protect residents from harm. It is also necessary for cities to ban their agencies from acquiring or using information derived from face recognition technology. Otherwise, city employees banned from using the technology could just ask others to use the technology for them.

While police departments in large cities like New York and Detroit may have in-house face recognition systems and teams of operators, many more local police agencies around the country turn to state agencies, fusion centers, and the FBI for assistance with their face recognition inquiries. Thus, legislation that addresses the technology while not addressing the information derived from the technology may have little impact.

Lawmakers in several cities including Berkeley have taken the important additional step of making it unlawful to access or use information obtained from Face Recognition Technology, regardless of the source of that information:

it shall be a violation of this ordinance for the City Manager or any person acting on the City Manager’s behalf to obtain, retain, request, access, or use: i) any Face Recognition Technology; or ii) any information obtained from Face Recognition Technology...

Berkeley's ordinance further elaborates that even when city employees inadvertently gain access to information derived from face recognition technology, the data generally must be promptly destroyed and cannot be used. Also, any inadvertent receipt or use of this information must be logged and included in the city’s annual technology report, including what measures were taken to prevent further transmission or use. This vital transparency measure ensures that residents and legislators are made aware of these errors and can better identify any patterns suggesting intentional circumvention of the law’s intent.


Limited exceptions

Exceptions can swallow any rule. Authors and supporters of bans on government use of face recognition must tread carefully when carving out allowable uses.

First, some ordinances allow face detection technologies that identify and blur faces in government records, to prepare them for disclosure under Freedom of Information Acts (FOIAs). This can help ensure, for example, transparent public access to government-held videos of police use of force, while protecting the privacy of the civilians depicted. Face detection technology does not require the creation of faceprints that distinguish one person from another, so it raises fewer privacy concerns. Unfortunately, there can be racial disparities in accuracy.

King County’s ordinance provides two necessary safeguards for government use of face detection technology. It can only be used “for the purpose of redacting a recording for release …, to protect the privacy of a subject depicted in the recording.” Also, it “can not generate or result in the retention of any facial recognition information.”

Second, some ordinances allow local government to provide its employees with phones and similar personal devices, for use on the job, that unlock with the employee’s faceprint. Some employees use their devices to collect personal information about members of the public, and that information should be securely stored. While passwords provide stronger protection, some employees might fail to lock their devices at all, without the convenience of face locks.

Third, some ordinances allow local government to use face locks to control access to restricted government buildings. Portland, Maine’s ordinance has two important safeguards. As to people authorized for entry, no data can be processed without their opt-in consent. As to other people, no data can be processed at all.

Fourth, a few ordinances allow police, when investigating a specific crime, to acquire and use information that another entity obtained through face recognition. EFF opposes these exemptions, which invite gamesmanship. At a minimum, police prohibited from using this tech themselves must also be prohibited from asking another agency to use it on their behalf. Boston has this rule. But unsolicited information is also a problem: San Francisco police broadly circulated a bulletin to other agencies, including the photo of an unknown suspect; one of those agencies responded by running face recognition on the photo; and San Francisco police then used the resulting information. New Orleans’ ordinance goes a step further, prohibiting use of information generated by this tech “with the knowledge of” a city official. Fortunately, 12 of 17 jurisdictions do not have this exemption at all.

Fifth, a few jurisdictions exempt compliance with the National Child Search Assistance Act. This is unnecessary: that Act simply requires agencies to report information they already have, and does not require any acquisition or use of technology or information. Fortunately, 13 of 17 jurisdictions eschew this exemption.


Enforcement

It is not enough to ban government use of face recognition. It is also necessary to enforce the ban. The best way is to empower community members to file their own enforcement lawsuits, known as private rights of action.

The best ones broadly define who can sue. In Oakland, for example, “Any violation of this Article … constitutes an injury and any person may institute proceedings …” It is a mistake to limit enforcement just to a person who can show injury from being subjected to face recognition. It can be exceedingly difficult to identify such people, despite a brazen violation of the ordinance. Further, government use of face recognition harms the entire community, including through the chilling of protest in public spaces.

Private enforcement requires a full arsenal of remedies. A judge must have the power to order a city to comply with the ordinance. Also, there should be damages for a person who was subjected to face recognition. Oakland provides this. A prevailing plaintiff should be paid their reasonable attorney fees. This ensures access to the courts for everyone, and not just wealthy people who can afford to hire a lawyer. San Francisco properly allows full recovery of all reasonable fees.

Other enforcement tools are also important. First, evidence collected in violation of the ordinance should be excluded from court proceedings, as in Minneapolis. Second, employees who blow the whistle on rule-breaking should be protected, as in Berkeley. Third, employees who break the rules should be subject to workplace discipline, as in Brookline.

Other bans

When legislators and advocates write a ban on government use of face recognition, they should consider whether to also ban government use of other kinds of surveillance technologies. Many are so dangerous and invasive that government should not use them at all.

For example, EFF opposes government use of predictive policing. We are pleased that four cities have ordinances forbidding municipal use: New Orleans, Oakland, Pittsburgh, and Santa Cruz. Likewise, EFF supported Oakland’s ban on municipal use of voiceprints.

Nationwide ban

City and county-level lawmakers are not alone in understanding that government use of face surveillance technology chills free speech, threatens residents’ privacy, and amplifies historical bias. Federal lawmakers including Senators Edward Markey, Jeff Merkley, Bernie Sanders, Elizabeth Warren, and Ron Wyden alongside U.S. Representatives Pramila Jayapal, Ayanna Pressley, and Rashida Tlaib have stepped forward in introducing the Facial Recognition and Biometric Technology Moratorium Act (S.2052/H.R.3907). If passed, it would ban federal agencies like Immigration and Customs Enforcement, the Drug Enforcement Administration, the Federal Bureau of Investigation, and Customs and Border Protection from using face recognition to surveil U.S. residents and travelers. The act would also withhold certain federal funding from local and state governments that use face recognition.

Take Action

If you don’t live in one of the 17 cities that have already adopted a local ban on government use of face recognition, there’s no place like home to begin making a change. In fact, there may already be groups in your community setting the wheels in motion. Our About Face campaign helps local organizers educate their representatives and communities, and helps every resident take that first step in calling for change. If you have an Electronic Frontier Alliance group in your area, it can also be a great resource for finding like-minded neighbors and activists to amplify your efforts. If your city has already protected you and your neighbors (and even if it has not yet), you can still stand up for friends and loved ones by letting your congressional representatives know it’s time to ban federal use of face recognition, too.

Nathan Sheard

Digital Security and Privacy Tips for Those Involved in Abortion Access

1 week 6 days ago

Legislation deputizing people to find, sue, and collect damages from anyone who tries to help people seeking abortion care creates serious digital privacy and security risks for those involved in abortion access. Patients, their family members and friends, doctors, nurses, clinic staff, reproductive rights activists, abortion rights counselors and website operators, insurance providers, and even drivers who help take patients to clinics may face grave risks to their privacy and safety. Other legislation that does not depend on deputizing “bounty hunters,” but rather criminalizes abortion, presents even more significant risks.

Those targeted by anti-abortion laws can, if they choose, take steps to better protect their privacy and security. Though there is no one-size-fits-all digital security solution, some likely risks are clear. One set of concerns involves law enforcement and state actors, who may have expensive and sophisticated surveillance technology at their disposal, as well as warrants and subpoenas. Because of this, using non-technical approaches in combination with technical ones may be more effective at protecting yourself. Private actors in states with "bounty laws" may also try to enlist a court's subpoena power (to seek information associated with your IP address, for example, or other data that might be collected by the services you use). But it may still be easier to protect yourself from this “private surveillance” using technical approaches. This guide will cover some of each.

Developing risk awareness and a routine of keeping your data private and secure takes practice. Whether the concern is over digital surveillance, like tracking what websites you’ve visited, or attempts to obtain personal communications using the courts, it’s good to begin by thinking at a high level about ways you can improve your overall security and keep your online activities private. Then, as you come to understand the potential scope of risks you may face, you can narrow in on the tools and techniques that are the best fit for your concerns. Here are some high-level tips to help you get started. We recommend pairing them with some specific guides we’ve highlighted here. To be clear, it is virtually impossible to devise a perfect security strategy—but good practices can help.

1: Compartmentalization

In essence, this is doing your best to keep more sensitive activities separate from your day-to-day ones. Compartmentalizing your digital footprint can include developing the habit of never reusing passwords, having separate browsers for different purposes, and backing up sensitive data onto external drives.


  • Use different browsers for different use cases. More private browsers like DuckDuckGo, Brave, and Firefox are better for more sensitive activities. Keeping separate browsers can protect against accidental data spillover from one aspect of your life into another.
  • Use a secondary email address and/or phone number to register sensitive accounts or give to contacts with whom you don’t want to associate too closely. Google Voice offers free secondary phone numbers. Protonmail and Tutanota are free email services that offer many privacy protections that more common providers like Gmail do not, such as end-to-end encryption when emailing others on Protonmail or Tutanota, and fewer embedded tracking mechanisms on the service itself.
  • Use a VPN when you need to dissociate your internet connection from what you’re doing online. Be wary of VPN products that sell themselves as cure-all solutions.
  • If you're going to/from a location that's more likely to have increased surveillance, or if you're particularly worried about who might know you're there, turning off your devices or their location services can help keep your location private.
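A password manager is the usual way to keep credentials unique across compartments, but if you ever need to generate a strong credential yourself, Python’s standard secrets module is built for exactly this. A minimal sketch (the function names and the 20-character default are illustrative choices, not a recommendation from this guide):

```python
import secrets
import string

def generate_password(length: int = 20) -> str:
    """Generate a random password from letters, digits, and punctuation."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))

def generate_passphrase(wordlist: list, words: int = 6) -> str:
    """Generate a diceware-style passphrase from a wordlist."""
    return " ".join(secrets.choice(wordlist) for _ in range(words))

# A fresh, unique password for each account -- never reused.
print(generate_password())
```

For the passphrase variant, EFF publishes free dice-generated wordlists designed for this purpose.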

2: Community Agreements

It’s likely that others in your community share your digital privacy concerns. Deciding for yourself what information is safer to share with your community, then coming together to decide what kind of information cannot be shared outside the group, is a great nontechnical way to address many information security problems. Think of it in three levels: what information should you share with nobody? What information is OK to share with a smaller, more trusted group? And what information is fine to share publicly?


  • Come up with special phrases to mask sensitive communications.
  • Push a culture of consent when it comes to sharing data about one another, whether it’s pictures, personal information, or anything else. Asking for permission first is a good way to establish trust and communication with each other.
  • Agree to communicate with each other on more secure platforms like Signal, or offline.

3: Safe Browsing

There are many ways that data on your browser can undermine your privacy and security, or be weaponized against you. Limiting unwanted tracking and reducing the likelihood that data from different aspects of your life spills into one another is a great way to layer on more protection.


  • Install privacy-preserving browser extensions on any browsers you use. Privacy Badger, uBlock Origin, and DuckDuckGo are great options.
  • Use a privacy-focused search engine, like DuckDuckGo.
  • Carefully look at the privacy settings on each app and account you use. Turn off location services on phone apps that don’t need them. Raise the bar on privacy settings for most, if not all, your online accounts.
  • Disable the ad identifier on mobile devices. Ad IDs are specifically designed to facilitate third-party tracking, and disabling them makes it harder to profile you. Instructions for Android devices and iOS devices are here.
  • Choose a browser that’s more private by design. DuckDuckGo on mobile and Firefox (with privacy settings turned up) on the desktop are both good options.

4: Security Checklists

Make a to-do list of tools, techniques, and practices to use when you are doing anything that requires a bit more care when it comes to digital privacy and security. This is not only good to have so that you don’t forget anything, but is extremely helpful when you find yourself in a high-stress situation, where remembering these details may be the last thing on your mind.


  • Tools: VPNs for hiding your location and circumventing local internet censorship, encrypted messaging apps for avoiding surveillance, and anonymized credit cards for keeping financial transactions separate from your day-to-day persona.
  • Strategies: use special code words with trusted people to hide information in plain sight; check in with someone via encrypted chat when you are about to do something sensitive; turn off location services on your cell phone before going somewhere, and back up and remove sensitive data from your main device.
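The back-up-and-remove step in the strategies above can be scripted so it is harder to forget under stress. A minimal sketch using Python’s standard library (the paths shown are hypothetical; encrypt the archive, for example with a tool like GnuPG, before moving it to an external drive):

```python
import tarfile
from pathlib import Path

def back_up(source_dir: str, dest_archive: str) -> Path:
    """Bundle a sensitive directory into a single compressed archive."""
    dest = Path(dest_archive)
    with tarfile.open(dest, "w:gz") as tar:
        # Store members relative to the source directory's name.
        tar.add(source_dir, arcname=Path(source_dir).name)
    return dest

# Hypothetical paths: archive a notes folder before wiping it from the laptop.
# back_up("/home/me/sensitive-notes", "/media/external/notes-backup.tar.gz")
```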
Daly Barnett

The EU's Copyright Directive Is Still About Filters, But EU’s Top Court Limits Its Use

2 weeks ago

The Court of Justice of the European Union has issued a long-awaited judgment on the compatibility of the EU Copyright Directive’s filtering requirements with the Charter of Fundamental Rights of the European Union. The ruling recognizes the tension between copyright filters and the right to freedom of expression, but falls short of banning upload filters altogether.

Under Article 17 of the EU’s controversial Copyright Directive, large tech companies must ensure that infringing content is not available on their platforms or they could be held liable for it. Given that legal risk, platforms will inevitably rely on error-prone upload filters that undermine lawful online speech – as Poland pointed out in the legal challenge that led to the judgment.

No Alternatives to Filtering Tools, But Strong User Safeguards

The Court acknowledged that Article 17’s obligation to review content constitutes a de facto requirement to use automatic recognition and filtering tools, and held that such mechanisms would indeed constitute an interference with users’ freedom of expression rights. However, as with last year’s opinion of the Court of Justice’s Advocate General, the judges concluded that the safeguards provided by Article 17 were adequate. Because those safeguards include an obligation to ensure the availability of lawful uploads, an automated system that cannot “distinguish adequately between unlawful content and lawful content” won’t pass muster under EU law.

The Court also highlighted the responsibility of rightsholders to provide platforms with “undoubtedly relevant and necessary information” about an unlawful use of copyrighted material. Platform providers cannot be forced to “generally monitor” user content to check the legality of content; that also means that they cannot be required to conduct an “independent assessment” of the content. If a platform ends up removing lawful content, users can invoke the Directive’s “complaint and redress” mechanisms.

To Block or Not to Block

The court’s focus on interpreting exceptions and limitations to copyright in a way that preserves fundamental rights is laudable and follows EFF’s own suggestions. Under the court’s criteria, platforms can argue that they are only required to use upload filters in obvious cases. That, in turn, could require several EU Member States to rework their implementations of the EU Copyright Directive (which ignore the fundamental rights perspective). The ruling means that national governments must pay much closer attention to user rights.

However, the Court failed to set out parameters to help platforms decide when and when not to block content. Worse, it side-stepped the core issue – whether automated tools can ever be reasonably implemented. It’s hard to see how the measures implied by this ruling can actually ensure that speech-intrusive measures are “strictly targeted.” In the ruling, the Court explained the limits of content monitoring by referring to Glawischnig-Piesczek v Facebook, a case involving the removal of defamatory content. But that reference doesn’t tell us much: the Court in Glawischnig-Piesczek ignored the state of the art and real-world operation of “automated search tools and technologies” and underestimated how easily screening efforts by platforms could become excessive, undermining users’ fundamental rights.

Christoph Schmon