Reject AB 2047: California’s Attack on 3D Printers, Creators, and Open Source

EFF action alerts
8 hours 32 minutes ago

California lawmakers are advancing A.B. 2047 toward a floor vote in the State Assembly within the next few weeks. The bill would require 3D printers sold in California to run government-approved software that scans every print and leaves it up to unproven algorithms to identify blueprints which could be firearm components. The real impact however is surveillance, manufacturer lock-in, and censorship without recourse — while the scheme is easily bypassed by people already willing to break existing law by producing firearm parts.

Unlike similar bills, A.B. 2047 goes as far as criminalizing individual users who disable or modify these systems, implicating the open source community and any users or developers who create or use third-party tools.

This bill won’t stop ghost guns, and it’s not about safety. This law demands an unfeasible tech solution for something that is already illegal, and is an attack on user control over devices they already own. California legislators are handing a huge gift to printer manufacturers looking to lock-in users. Creators across the state, from engineers to costume designers, will be stuck with fewer choices, new inconveniences, and enshittification driving up costs and surveillance risks.

California is not merely another state market. It is large enough to set defaults for the entire technology industry. We need to stand with grassroot innovators and demand that the legislature reject A.B. 2047.

Electronic Frontier Foundation

We Updated Our Privacy Policy. Here's What Changed and Why.

EFF update
11 hours 12 minutes ago

We recently updated our privacy policy for the first time since 2022. Most of the changes are clarifications, reorganizations, and improvements in transparency, particularly around how third-party tools that run parts of our site operate. But one change is substantive enough that we want to address it directly.

The Change You Should Know About: Opt-In Email Tracking

We want to know how we’re doing with our advocacy: which campaigns get your attention and which do not, which topics you are very interested in, which less so, and which not at all. It helps us to do our work better and to prioritize or rethink our strategies as we push to build support for freedom, justice and innovation around the world.

So, to give us a rough picture of how we’re doing, we are introducing the option for you to provide explicit, opt-in consent for us to see how you interact with the emails we send you. That includes whether you open emails, and whether you click on the links inside them.

We know what you’re thinking: Doesn’t EFF strongly oppose nonconsensual tracking? You bet we do. Sneaky email tracking is ubiquitous on the web and EFF’s opposition to it remains unchanged. We have never used email tracking pixels and we’re not changing that. We’re not building profiles and we’re not sharing the data and we’re definitely not selling it.

But we do want to give you the option of allowing us to learn about how our communications are landing with you. Here’s how consent will work. We will ask, and if you say yes, we’ll be able to see whether you opened an email or not, and whether you clicked on any links. That's it.

If you say no, or ignore the ask entirely, nothing will change and we’ll do no tracking.

If you say yes, you can change your mind and opt out at any time by clicking an opt-out link in any future email or by contacting membership@eff.org.

We have heard many EFF members say that EFF is one of the only organizations that they trust with consent to track their emails. That trust is important, and we do not take it lightly. But it led us to think that if we ask, enough of you would agree that we could have a better picture of how our campaigns and other emails to you are landing and that, in turn, could help us decide what to double down on and what to change.

By giving you a real ability to consent, EFF is taking a very different path than most of the web. Asking isn’t the norm; it’s more or less never an option to say no and dark patterns often make it hard even if it looks like you can. Unfortunately, estimates have shown that 2/3s of emails received by users contain tracking, regardless of whether the senders received explicit consent at the time when a recipient signs up to receive their mailings. Automatic, nonconsensual tracking doesn’t have to be the default, and it shouldn’t be.

We hope our approach works and it inspires others. It shouldn’t be an abnormality that users are not tracked by default, and that only users who feel comfortable doing so choose to consent to tracking. We hope that our example will show mailing platforms, organizations, and users that a privacy-protective approach is better and worth doing and can still give an email sender a solid understanding what campaigns and other messages resonate with recipients. We weighed this decision carefully. We know that email tracking is something we've criticized when used covertly or without meaningful consent and that many people don’t like at all. For EFF, an opt-in requirement isn't a formality. It's the key distinction between a sneaky strategy and an aboveboard relationship with you. And to us, it’s just a common sense approach based on respect.

It’s also consistent with our advocacy and approach to technology. We have said for many years that strong consumer privacy laws must require real opt-in consent before data is collected. And we have walked our talk in other ways as well, including in pushing for Do Not Track policies and in Privacy Badger, which protects you from ads and trackers that violate the principle of user consent.

Again, this behavior has been our suggestion for privacy policies, and privacy laws. In 2022 we released a guide for nonprofits that recommended the following:

Not tracking email open rates can, unfortunately, sometimes cause list “hygiene” problems, because it becomes difficult to know whether email subscribers on your list are still interested. You can send occasional emails to ensure subscribers want to receive emails, either using open or click tracking, and informing people that the purpose of that specific email is to determine active subscribers. The essential point is to let users know when you are using tracking, and to do it in a limited way when possible....

The Internet Archive found that while they preferred to use no open tracking in their emails to subscribers, too many unreachable email addresses had been added to their list over the years, and some email addresses had even become spam traps. To continue working with their email service provider, they needed to activate some tracking. They needed email open data to know whether an email address was still active or not; but they didn’t need or want gender, age, or demographic data. They settled on informing users that their email open rates are being tracked, and offering the alternate option to sign up for plain-text versions of their emails, which won't transmit any data at all.

In 2019, we recommended that all strong consumer privacy laws must include opt-in consent for data collection. We wrote:

Right to opt-in consent

New legislation should require the operators of online services to obtain opt-in consent to collect, use, or share personal data, particularly where that collection, use, or transfer is not necessary to provide the service.

Any request for opt-in consent should be easy to understand and clearly advise the user what data the operator seeks to gather, how they will use it, how long they will keep it, and with whom they will share it. This opt-in consent should also be ongoing—that is, the request should be renewed any time the operator wishes to use or share data in a new way, or gather a new kind of data. And the user should be able to withdraw consent, including for particular purposes, at any time.

Opt-in consent is better than opt-out consent. The default should be against collecting, using, and sharing personal information. Many consumers cannot or will not alter the defaults in the technologies they use, even if they prefer that companies do not collect their information.

We are sticking to those recommendations, which unfortunately are not yet the law, and following our principles.

We hope that you will feel comfortable opting in, but we also respect that you need to make that decision for yourself, and that you may need to change it as you go. We’ll do our part to make that as clear and easy as possible. And if you do agree, we’ll be grateful for getting a chance to learn a little more about how we’re doing, hopefully in ways that can make us even more effective at ensuring that technology supports freedom, justice and innovation for all the people of the world.

Other Changes: Clarity and Stronger Protections

The rest of the update is largely about being more precise and provide more transparency into our practices.

Cookies on eff.org: The new policy tightens our cookie practices. Previously, we carved out exceptions for "remember me" and logged-in users; now we don't use persistent ID cookies on the eff.org domain at all. We also clarified that other EFF-operated sites‚ like acteff.org and shopeff.org‚ have their own cookie policies and that our policies aren’t the ones that apply there. We’re not happy that you have to navigate multiple policies like this, but it’s one of the ways that the cookie ecosystem has gotten unfortunately complex. We want to be sure you know that and know where to look for all the information.

Third-party tool transparency: Similarly, while the vast majority of EFF’s public-facing websites, online tools and tech projects are created internally, self-hosted, and self-maintained, some of them are not. In this new policy, we are working to be more detailed and explicit in the new policy about those third-party services, and how they operate under their own privacy policies, not solely ours.

To help you understand exactly what choices you have when using these tools, we're publishing dedicated Privacy Guides for each of them. The first is live now for our shop, which runs on Shopify: EFF Shopify Privacy Guide. Guides for our other third-party tools are coming soon. As always, we recommend installing Privacy Badger to limit exposure from third-party tracking.

Overall, EFF believes that when a project like the Atlas of Surveillance doesn't exist, and we think it should, we build it and maintain it. But what matters most to us is protecting your digital rights. So the time required to maintain and upgrade the tools we have built has to be weighed against our need to build new projects to fight new fights. And sometimes, a tool that was needed when we built it, like EFF’s Action Center, can be replaced by something that can take some of the weight off our internal staff.

To help make space for new projects, we carefully investigate services we rely on—like our campaign tools, payment processors, and online shop—and look for third party options that are the best in the industry and offer a level of privacy our users deserve. In this new privacy policy we try to give you as much information about those third-party services as we can.

GDPR data management: We added a clear, dedicated process for users in the EU and elsewhere to request deletion of their personal data. Email info@eff.org with the subject line "GDPR Data Deletion Request" and we'll respond within the legally required timeframe.

Data retention: We reorganized and clarified how long we keep different types of records (communications, financial records, donation paperwork) into a cleaner list. The substance is unchanged, but the structure should make it easier to find what's relevant to you.

Action Center: You may notice that the previous policy included a dedicated section on our Action Center - how we handled your campaign participation data, what we retained, and so on. That section is gone because we're transitioning our campaign tools to a third-party provider. This is the kind of situation the new third-party transparency language addresses: that provider operates under its own privacy policy, which we'll link to in its dedicated Privacy Guide. Our commitment to your privacy in those contexts doesn't change‚ it just lives in a different place now.

What Hasn't Changed

The fundamentals remain what they've always been: we don't sell your information, we don't share it with third parties without your real (not manufactured or dark-patterned) consent, outside of legal requirements we cannot change. We actively push back on legal demands we believe are improper. EFF's mission is to protect your digital rights, and our own practices will continue to reflect that. The changes we’ve described above will help us in that mission.

support EFF

You can read the full updated policy at eff.org/policy. If you have questions, we're always reachable at info@eff.org.

Lena Gunn

We Must Not Normalize Digital Surveillance Abuses. EFF’s New Guide Underlines Concrete Steps to Fight Back.

EFF update
12 hours ago

Poor accountability, feeble control mechanisms, and insufficient legal frameworks have led to systematic human rights violations in the Americas, with no consistent remedy or reparation to victims. What's needed is to materialize essential guarantees and measures to combat repeated surveillance abuses in the region. To help build a path for solutions, EFF launches the guide Tackling Arbitrary Digital Surveillance in the Americas, adding to our extensive work leveraging human rights norms to confront state privacy violations.

The document compiles privacy, data protection, and access to information guarantees established within the Inter-American Human Rights System to provide concrete, actionable guidance to governments in the Americas to curb the vicious cycle of state digital surveillance abuses. It outlines the safeguards and institutional measures necessary to protect individuals and details rules, parameters, and standards to overcome current pernicious practices and trends. 

As concerns over national and public security intensify, countries in the region seem to increasingly normalize the pervasiveness of digital surveillance technologies and their arbitrary use by security forces as a distorted form of protection. However, no actual protection can arise from arbitrary surveillance. 

When public security, intelligence, and law enforcement agencies neglect or harm settled rights in the name of national security or public order, they too become a threat. Tolerating rights violations creates the dire situation that the Freedom of Expression Special Rapporteur of the Inter-American Commission on Human Rights thoroughly analyzed in his report about the serious impacts of digital surveillance on freedom of expression in the Americas.

The great majority of states in Latin America have ratified the American Convention on Human Rights. As such, the parameters and rules our new guide describes stem directly from their obligations before international human rights law. State agents and institutions must take the necessary measures to make them a reality.

As EFF’s guide points out, states must implement clear and precise legal frameworks that:

  • define surveillance powers and limitations;
  • ensure all surveillance measures pursue legitimate aims without discriminatory ends;
  • subject interference with privacy to rigorous necessity and proportionality analysis;
  • require prior judicial authorization for digital surveillance measures;
  • maintain detailed records of surveillance operations;
  • establish independent civilian oversight institutions with technical expertise and enforcement powers;
  • guarantee individuals' right to informational self-determination and proper notification; and
  • provide effective remedies and reparation for victims of surveillance abuses.

States must also put in place the institutional processes and structures to give effect to these legal guarantees. As we stress in the document, States that embrace the guide’s recommendations will not only comply with their international obligations, but will also build more resilient, rights-respecting security architectures capable of addressing genuine threats without sacrificing the freedoms they exist to protect. 

Civil society leaders, activists, legal experts, public defenders, oversight institutions, and state officials committed to human rights must gather and ramp up the fight against the normalization of digital surveillance abuses in the Americas. We hope that EFF’s new guide can serve as a crucial tool in strengthening this fight, one that we have joined since our early days.

Veridiana Alimonti

【ITC】人間性を阻害か 若者にみられる「病的使用」気に動く各国 さいたまで学習会=木下寿国(ライター)

日本ジャーナリストクラブ(JCJ)
13 hours 15 minutes ago
 インターネットに代表される情報通信技術(ICT)を誰もが使える現代社会で、便利さに潜む負の影響が世界的に深刻な問題となってきた。3月28日、さいたま市で催された「ホントはどうなの?『読み書き』能力の低下とICT利用」学習会では、デジタル社会問題を研究する吉田雅人さんが、未成年者のソーシャルメディア(SNS)利用について報告した=写真=。 今年2月、こども家庭庁が発表した「青少年のインターネット利用環境実態調査」によると、高校生のネット利用は毎日、平均で6時間44分。学校や睡..
JCJ

【お知らせ】映画「アレン・ネルソン 9条を抱きしめて~元海兵隊員が語る戦争の真実」の無料上映会を5月23日(土)午後2時から4時に開催

日本ジャーナリストクラブ(JCJ)
1 day 2 hours ago
260516 【案内チラシ確定版】2026.05.23 再上映&講演・案内.pdf 放送を語る会がZOOMを使って映画「アレン・ネルソン 9条を抱きしめて~元海兵隊員が語る戦争の真実」の無料上映会を開催します。Zoom参加URLhttps://us06web.zoom.us/j/88179979259?pwd=vgHQqOznbPRIckaWg5FHKMOPRvkqZE.1ミーティング ID: 881 7997 9259パスコード: 8nKAJX 高市政権が改憲ムードを煽る憲..
JCJ

【寄稿】24年3月29日提訴から3年目 奈良訴訟とは=自衛隊名簿提供違憲訴訟@奈良 諸富 健 弁護士

日本ジャーナリストクラブ(JCJ)
3 days 3 hours ago
                自衛隊募集の案内はがき 2019年1月、安倍晋三首相(当時)が衆議院本会議において自衛隊への名簿提供に応じるよう自治体にはっぱをかけるような答弁をしたこともきっかけに、2021年2月5日、防衛省と総務省の連名で、自衛隊法97条1項、同施行令120条を根拠に名簿提供をすることができ、住民基本台帳法上特段の問題を生じない旨の通知を全都道府県宛に発出した。 提訴の経緯は これにより、名簿提供に応じる自治体が増加した。奈良市でも2023年1月30日に自..
JCJ

[B] 米中の違いの根本

日刊ベリタ
3 days 4 hours ago
米中は現在、トランプ氏の中国訪問で注目を集めていますが、この二つの大国には根本的な違いがあります。それが、現在の米中問題の根本にあります。(落合栄一郎)
日刊ベリタ

【Bookガイド】5月の“推し本”紹介=萩山 拓(ライター)

日本ジャーナリストクラブ(JCJ)
3 days 12 hours ago
ノンフィクション・ジャンルからチョイスした本の紹介です(刊行順・販価は税別)◆西谷文和『なぜ中東で戦争が終わらないのか』かもがわ出版 5/7刊 1800円中東では、2003年のイラク戦争以来、長くテロがテロを呼び戦争が延々と続いてきた。そこへトランプ+ネタニヤフによる両国軍がイランへ侵略の攻撃を、突如始める。なぜ?戦場ジャーナリストによる現場からの告発。写真約200枚。 著者は大阪市立大学経済学部卒業、吹田市役所勤務を経て、フリージャーナリストに転身。世界の紛争地を取材し、テ..
JCJ