Internet Companies Must Adopt Consistent Rules and Transparent Moderation Practices
Big online platforms tend to brag about their ability to filter out violent and extremist content at scale, but those same platforms refuse to provide even basic information about the substance of those removals. How do these platforms define terrorist content? What safeguards do they put in place to ensure that they don’t over-censor innocent people in the process? Again and again, social media companies are unable or unwilling to answer the questions.
If you open Facebook’s mobile app today, it will likely suggest that you try the company’s new Dating service, which just launched in the U.S. after a rollout in 19 other countries last year. But with the company’s track record of mishandling user data, and its business model of monetizing our sensitive information to power third-party targeted advertising, potential users should view Facebook’s desire to peek into our bedrooms as a huge red flag.
Today marks the last day that the Ecuadorean prosecution has to investigate its case against Ola Bini, the Swedish free software programmer who was arrested there in April and detained for over two months without trial and without clear charges. On Thursday, the judge accepted a plea by the prosecutors to change the nature of the charges, switching from one part of Ecuador’s broad cybercrime statute to another. It seems likely that the prosecution will rely on evidence uncovered a few weeks ago that depicted Bini accessing an open, publicly available telnet service: an act that is, in itself, entirely legal under any reasonable interpretation of the law.
The sudden swapping out of charges at the last moment is just the latest twist in a politically charged and technically confused prosecution. It should be no surprise, then, that Amnesty International this week released a statement denouncing Ecuador’s treatment of Bini. The organization, which works to protect human rights globally, has determined that the Ecuadorian state failed to comply with its obligations under international law during Bini’s arrest and subsequent detention. In addition to this pronouncement, Amnesty has also expressed serious concern that political interference jeopardizes the chance for a fair trial, concerns that EFF has raised as well.
EFF is teaming up with the Mozilla Foundation to tell Venmo to clean up its privacy act. In a public letter sent to President/CEO Dan Schulman and COO Bill Ready today, we are telling Venmo to make transactions private by default and let users hide their friend lists.
Both EFF and Mozilla have voiced concern with Venmo’s privacy practices in the past. Venmo is marketed as a way for friends to send and receive money, so people can easily split bills like restaurant checks or concert tickets. However, those transactions are public by default, which can reveal private details about who you spend time with and what you do with them. While users do have an option to hide their transactions if they dig into Venmo’s privacy settings, there is no way for users to hide their friend lists. That means that anyone can uncover who you pay regularly, creating a public record of your personal and professional community.
Biometric surveillance by companies against consumers is a growing menace to our privacy, freedom of expression, and civil rights. Fortunately, a federal appeals court has ruled that a lawsuit against Facebook for its face surveillance may move forward.
The decision, by the federal Ninth Circuit about an Illinois privacy law, is the first by an American appellate court to directly identify the unique hazards of face surveillance. This is an important victory for biometric privacy, access to the courts for ordinary people, and the role of state governments as guardians of our digital liberty.
To use PGP to exchange secure emails you have to bring together three programs: GnuPG, Mozilla Thunderbird and Enigmail. GnuPG is the program that actually encrypts and decrypts the content of your mail, Mozilla Thunderbird is an email client that allows you to read and write emails without using a browser, and Enigmail is an add-on to Mozilla Thunderbird that ties it all together.
What this guide teaches is how to use PGP with Mozilla Thunderbird, an email client program that performs a similar function to Outlook. You may have your own favorite email software program (or use a web mail service like Gmail or Outlook.com). This guide won’t tell you how to use PGP with these programs. You can choose either to install Thunderbird and experiment with PGP with a new email client, or you can investigate other solutions to use PGP with your customary software. We have still not found a satisfactory solution for these other programs.
Adversarial interoperability is what happens when someone makes a new product or service that works with a dominant product or service, against the wishes of the dominant business.
Though there are examples of adversarial interoperability going back
to early phonograms and even before, the computer industry has always
especially relied on adversarial interoperability to keep markets
competitive and innovative. This used to be especially true for personal
From 1969 to 1982, IBM was locked in battle with the US Department of
Justice over whether it had a monopoly over mainframe computers; but
even before the DOJ dropped the suit in 1982, the computing market had
moved on, with mainframes dwindling in importance and personal computers
rising to take their place.
The PC revolution owes much to Intel’s 8080 chip, a cheap processor
that originally found a market in embedded controllers but eventually
became the basis for early personal computers, often built by hobbyists.
As Intel progressed to 16-bit chips like the 8086 and 8088, multiple
manufacturers entered the market, creating a whole ecosystem of
Intel-based personal computers.
In theory, all of these computers could run MS-DOS, the Microsoft
operating system adapted from 86-DOS, which it acquired from Seattle
Computer Products, but, in practice, getting MS-DOS to run on a given
computer required quite a bit of tweaking, thanks to differences in
controllers and other components.
When a computer company created a new system and wanted to make sure it could run MS-DOS, Microsoft would refer the manufacturer to Phoenix Software (now Phoenix Technologies), Microsoft’s preferred integration partner, where a young software-hardware wizard named Tom Jennings (creator of the pioneering networked BBS software FidoNet) would work with Microsoft’s MS-DOS source code to create a custom build of MS-DOS that would run on the new system.
After spending nearly a week in Ecuador to learn more about the case against Swedish open source software developer Ola Bini, who was arrested here in April, EFF has found a clear consensus among the experts: the political consequences of his arrest appear to be outweighing any actual evidence the police have against him. The details of who stood to benefit from Bini’s prosecution varied depending on who we spoke with, but overall we have been deeply disturbed by how intertwined the investigation is to the political effects of its outcome. Ola Bini’s innocence or guilt is a fact that should be determined only be a fair trial that follows due process; it should in no way be impacted by potential political ramifications.
Since academics and investigative journalists first reported last year that Facebook was using people’s two-factor authentication numbers and “shadow” contact information for targeted advertising, Facebook has shown little public interest in fixing this critical problem. Subsequent demands that Facebook stop all non-essential uses of these phone numbers, and public revelations that Facebook’s phone number abuse was even worse than initially reported, failed to move the company to action.
Yesterday, rather than face a lawsuit from FTC, Facebook agreed to stop the most egregious of these practices.
In its next release, Android plans to up its privacy game. But the operating system still caters to ad trackers at its users’ expense.
The newest release of Android, dubbed “Q,” is currently in late-stage beta testing and slated for a full release this summer. After a year defined by new privacy protections around the world and major privacy failures by Big Tech, this year, Google is trying to convince users that it is serious about “protecting their information.” The word “privacy” was mentioned 22 times during the 2019 Google I/O keynote. Keeping up that trend, Google has made—and marketed—a number of privacy-positive changes to Android for version Q.
Many of the changes in Q are significant improvements for user privacy, from giving users more granular control over location data to randomizing MAC addresses when connecting to WiFi networks by default. However, in at least one area, Q’s improvements are undermined by Android’s continued support of a feature that allows third-party advertisers, including Google itself, to track users across apps. Furthermore, Android still doesn’t let users control their apps’ access to the Internet, a basic permission that would address a wide range of privacy concerns.