EFF: Former Members Call On Congress To Create A New Church Committee

This article, written by legislative analyst Mark Jaycox, was originally published by the Electronic Frontier Foundation:

Monday marks the second day of “Sunshine Week”—a week to focus on the importance of open government and how to ensure accountability of our leaders at the federal, state, and local levels.

When US intelligence agencies were caught spying on Americans 40 years ago, Congress answered the public outcry by creating an investigative task force to bring these covert, and potentially illegal, practices into the light. The Church Committee, as it was commonly known because of its chairman, Sen. Frank Church, interviewed 800 people, held 271 hearings and published volumes upon volumes of reportsall of which paved the way for reform.

Today, we are publishing a letter signed by 16 former counsel, advisers, and professional staff members of the Church Committee, calling on Congress to create a new special committee to investigate the NSA and other intelligence agencies. This new “Church Committee for the 21st Century” would conduct a thorough examination into the oversight system currently in place (including the House and Senate Intelligence Committees) and the intelligence communities actions (such as the CIA spying on Senate staff and the NSA spying on all Americans).

They write:

As former members and staff of the Church Committee we can authoritatively say: the erosion of public trust currently facing our intelligence community is not novel, nor is its solution. A Church Committee for the 21st Century—a special congressional investigatory committee that undertakes a significant and public reexamination of intelligence community practices that affect the rights of Americans and the laws governing those actions—is urgently needed. Nothing less than the confidence of the American public in our intelligence agencies and, indeed, the federal government, is at stake.

Read the full letter here, or download it here. Last week, Frederick A.O. Schwarz Jr., who served as chief counsel to the Church Committee, also published an editorial in The Nation, titled “Why We Need a New Church Committee to Fix Our Broken Intelligence System.”

For some heavy reading that will leave you with a sense of surveillance déjà vu, you can also peruse the Church Committee’s historic reports here.

Guess Who Just Made The List: A Guide To The Internet’s Biggest Enemies

The Electronic Frontier Foundation’s Director for International Freedom of Expression Jillian York wrote this post, which originally appeared on the foundation’s website on Thursday.

Reporters Without Borders (RSF) released its annual “Enemies of the Internet” index this week—a ranking first launched in 2006 intended to track countries that repress online speech, intimidate and arrest bloggers, and conduct surveillance of their citizens.  Some countries have been mainstays on the annual index, while others have been able to work their way off the list.  Two countries particularly deserving of praise in this area are Tunisia and Myanmar (Burma), both of which have stopped censoring the Internet in recent years and are headed in the right direction toward Internet freedom.

In the former category are some of the world’s worst offenders: Cuba, North Korea, China, Iran, Saudi Arabia, Vietnam, Belarus, Bahrain, Turkmenistan, Syria.  Nearly every one of these countries has amped up their online repression in recent years, from implementing sophisticated surveillance (Syria) to utilizing targeted surveillance tools (Vietnam) to increasing crackdowns on online speech (Saudi Arabia).  These are countries where, despite advocacy efforts by local and international groups, no progress has been made.

The newcomers 

A third, perhaps even more disheartening category, is the list of countries new to this year’s index.  A motley crew, these nations have all taken new, harsh approaches to restricting speech or monitoring citizens:

Russia: As RSF writes, Russia has been on a downward slope for more than a decade.  Until fairly recently, however, the Russian government did not directly censor the Internet, preferring instead to employ subtle strategies to control online discourse.  In 2012, that changed, when the Russian Duma overwhelmingly passed a bill allowing the creation of a national blacklist of websites.  Today, that blacklist continues to grow, while the government continues to seek new ways of limiting online speech.

Pakistan: We’ve expressed concerns about Pakistan many times before, so we’re glad to see the country called out for its repressive behavior.  Despite significant opposition from inside the country, the Pakistan Telecommunications Authority continues to add sites to its opaque blacklist, most notably YouTube following the ‘Innocence of Muslims’ debacle in 2012.  Efforts from local activists have also demonstrated the willingness of foreign companies—in particular Canadian company Netsweeper—to aid in Pakistan’s repression of speech.

United States: This is the first time the US has made it onto RSF’s list.  While the US government doesn’t censor online content, and pours money into promoting Internet freedom worldwide, the National Security Agency’s unapologetic dragnet surveillance and the government’s treatment of whistleblowers have earned it a spot on the index.

United Kingdom: The European nation has been dubbed by RSF as the “world champion of surveillance” for its recently-revealed depraved strategies for spying on individuals worldwide.  The UK also joins countries like Ethiopia and Morocco in using terrorism laws to go after journalists.  Not noted by RSF, but also important, is the fact that the UK is also cracking down on legal pornography, forcing Internet users to opt-in with their ISP if they wish to view it and creating a slippery slope toward overblocking.  This is in addition to the government’s use of an opaque, shadowy NGO to identify child sexual abuse images, sometimes resulting instead in censorship of legitimate speech.

India: A country that has long censored certain types of speech, it’s surprising that India has never made it to RSF’s list before.  Still, in the past two years, things have gotten significantly worse as the Indian government has enacted new laws to limit online speech and has slouched toward the NSA at a time when its neighbors have spoken out against surveillance.

Ethiopia: The African country has been on a downward spiral for the past few years, blocking VoIP services, sentencing bloggers to long prison sentences, and enacting laws to block online content.  Most recently, EFF filed a lawsuit accusing the Ethiopian government of installing spyware on the device of an American citizen of Ethiopian origin.  In a similar case, Privacy International filed a criminal complaint alleging the use of FinSpy on the device of a UK resident.

Missing from the list

There are a few countries that were left out of this year’s index that we think should have been included.  These nations have all taken a turn for the worse in recent years:

Turkey: Although Turkey has shown up on RSF’s watchlist before, and despite a spate of arrests of social media users during last summer’s protests, Turkey managed to stay off this year’s index.  The country has come under fire from human rights advocates for its online repression, and in 2012, the European Court of Human Rights found that Turkey had violated its citizens’ right to free expression by blocking Google sites.  Turkey is definitely an enemy of the Internet.

Jordan: Despite local protests and international opposition, in June 2013, Jordan initiated a ban on more than 300 news sites that refused or failed to register with the Press and Publications Department.  Those sites remain blocked.

Morocco: The North African nation’s approach to the Internet had improved somewhat in recent years, with the government unblocking sites that were formerly censored.  The arrest of journalist Ali Anouzla in September 2013 and subsequent blocking of Lakome, the publication he co-founded, however, seems to signal a new era.  Activists have expressed concern that bad legislation is just around the corner.

We urge the countries that find themselves on RSF’s “Enemies of the Internet” list this year—as well as those that are glaringly missing from the list—to take note of countries, such as Tunisia and Myanmar (Burma), who have taken steps to ameliorate violations of Internet freedom and remove themselves from RSF’s annual index.

 

 

EFF: Supreme Court Must Set Limits On Cellphone Searches

This article was originally published by the Electronic Frontier Foundation.

Changing Technology Demands New Rules for Police

San Francisco — The Electronic Frontier Foundation (EFF) asked the U.S. Supreme Court Monday to set limits on warrantless searches of cellphones, arguing in two cases before the court that changing technology demands new guidelines for when the data on someone’s phone can be accessed and reviewed by investigators.

The amicus briefs were filed in Riley v. California and U.S. v. Wurie. In both cases, after arresting a suspect, law enforcement officers searched the arrestee’s cellphone without obtaining a warrant from a judge. Historically, police have been allowed some searches “incident to arrest” in order to protect officers’ safety and to preserve evidence. However, in the briefs filed Monday, EFF argues that once a cellphone has been seized, the police should be required to get a search warrant to look through the data on the phone.

“Allowing investigators to search a phone at this point — after the device has been secured by law enforcement but before going to a judge and showing probable cause — is leaving 21st Century technology outside the protections of the Fourth Amendment,” said EFF Staff Attorney Hanni Fakhoury. “If we’re going to truly have privacy in the digital age, we need clear, common-sense guidelines for searches of digital devices, with meaningful court oversight of when and how these searches can be conducted.”

In the not-so-distant past, our pockets and purses carried only limited information about our lives. But in the age of the smartphone, we are walking around with a complete, detailed history of our work schedules, our medical concerns, our political beliefs and our financial situations. Our phones include pictures of family gatherings, videos of friends, apps that help manage our health and our money, and email and text messages from both our personal and professional lives.

“Our phones include an extraordinary amount of sensitive information — our past, our present, our plans for the future,” said Fakhoury. “We can’t let investigators rummage through this data on a whim. It’s time for the Supreme Court to recognize the important role that judicial oversight must play in searches of cell phones incident to arrest.”

Today’s brief was filed in conjunction with the Center for Democracy and Technology. The brief was authored with the assistance of Andrew Pincus of Mayer Brown LLP and the Yale Law School Supreme Court Clinic.

For the full brief filed in Riley and Wurie:
https://www.eff.org/document/amicus-brief-supreme-court

For more on search incident to arrest:
https://www.eff.org/issues/search-incident-arrest

Contact:

Hanni Fakhoury
Staff Attorney
Electronic Frontier Foundation
hanni@eff.org

Related Cases

Supreme Court cases on cellphone searches

EFF Tech Experts: Tech Companies Must Defend Against Surveillance

This open letter to tech companies was originally published by the Electronic Frontier Foundation. It includes 10 principles to protect users from National Security Agency sabotage.

In the past nine months, our trust in technology companies has been badly shaken. Today, in collaboration with prominent security researchers and technologists, EFF presents an open letter to technology companies, urging them to protect users from NSA backdoors and earn back the trust that has been lost.

From the Snowden revelations emerge stories of collusion between government spy agencies and the companies whose services are integral to our everyday lives. There have been disturbing allegations published by Reuters indicating that RSA, an influential information security firm, accepted a $10 million contract from NSA that included, among other items, an agreement to use what we now know to be an intentionally compromised random number generator as the default for its BSAFE cryptographic library.

A future where we cannot trust the very technologies meant to secure our communications is fundamentally unsustainable. It’s time for technology companies to start helping users regain trust, with transparency and active opposition to illegal surveillance. Implementing the requisite changes in technical infrastructure and business practices may have short-term costs; however, the long-term cost of keeping users in perpetual fear of NSA sabotage is far greater.

How to Protect Your Users from NSA Backdoors: An Open Letter to Technology Companies

As security researchers, technologists, and digital rights advocates, we are deeply concerned about collaboration between government agencies and technology companies in undermining users’ security. Among other examples, we are alarmed by recent allegations that RSA, Inc. accepted $10 million from NSA to keep a compromised algorithm in the default setting of a security product long after its faults were revealed. We believe that covert collusion with spy agencies poses a grave threat to users and must be mitigated with commitment to the following best practices to protect users from illegal surveillance:

  1. Provide public access to source code whenever possible, and adopt a reproducible build process so that others can verify the integrity of pre-compiled binaries. Both open and closed source software should be distributed with verifiable signatures from a trusted party and a path for users to verify that their copy of the software is functionally identical to every other copy (a property known as “binary transparency”).
  2. Explain choices of cryptographic algorithms and parameters. Make best efforts to fix or discontinue the use of cryptographic libraries, algorithms, or primitives with known vulnerabilities and disclose to customers immediately when a vulnerability is discovered.
  3. Hold an open and productive dialogue with the security and privacy communities. This includes facilitating review and responding to productive criticism from researchers.
  4. Provide a clear and secure pathway for security researchers to report vulnerabilities. Fix security bugs promptly.
  5. Publish government request reports regularly (often these are called “Transparency Reports”). Include the most granular reporting allowed by law.
  6. Invest in secure UX engineering to make it as easy as possible for users to use the system securely and as hard as possible for users to use the system unsafely.
  7. Publicly oppose mass surveillance and all efforts to mandate the insertion of backdoors or intentional weaknesses into security tools.
  8. Fight in court any attempt by the government or any third party to compromise users’ security.
  9. Adopt a principle of discarding user data after it is no longer necessary for the operation of the business.
  10. Always protect data-in-transit with strong encryption in order to prevent dragnet surveillance. Follow best practices for setting up SSL/TLS on servers whenever applicable.

Sincerely,
The Electronic Frontier Foundation in collaboration with*:

  • Roger Dingledine, Project Leader, Tor Project
  • Brendan Eich, CTO, Mozilla Corporation
  • Matthew Green, Assistant Research Professor, Department of Computer Science, Johns Hopkins University
  • Nadia Heninger, Assistant Professor, Department of Computer and Information Science, University of Pennsylvania
  • Tanja Lange, Professor, Department of Mathematics and Computer Science, Technische Universiteit Eindhoven
  • Nick Mathewson, Chief Architect, Tor Project
  • Eleanor Saitta, OpenITP / IMMI
  • Bruce Schneier, Security Technologist
  • Christopher Soghoian, Principal Technologist, Speech, Privacy and Technology Project, American Civil Liberties Union
  • Ashkan Soltani, Independent Researcher and Consultant
  • Brian Warner, Tahoe-LAFS Project
  • Zooko Wilcox-O’Hearn, Founder and CEO, LeastAuthority.com

*Affiliations listed for identification purposes only.

EFF: Support The Right To Repair The Goods You Purchase

This article, written by Electronic Frontier Foundation Intellectual Property Director Corynne McSherry, was originally published on the organization’s website on Feb. 18.

South Dakota has put forth new legislation to support to a simple principle: if you own something, you ought to be allowed to fix it. The new bill, SB 136, would require manufacturers of electronics and appliances that contain embedded software to make available to consumers and independent repair shops the information and parts they need to repair those devices, and fully disclose any contract provision standing in the way of full repair and reuse.

That seems like a pretty uncontroversial goal, but lots of major manufacturers that purport to “sell” you all kinds of products are doing their level best to make sure that if your product breaks, only they (or someone they authorize) can repair it. They do this in all kinds of ways—by tying your purchase (or update) to an expensive repair contract; burying sneaky clauses into license agreements (remember, you might buy a device, but if it contains software to make it more functional you probably only “rent” that software); treating repair information (like diagnostic codes) as proprietary; or refusing to sell repair parts to “unauthorized” independent shops (and then calling in the feds to prosecute shops that sell those parts anyway).

That’s bad for consumers and for the environment—how often have many of us tossed a device into the trash, or recycled it, because repairing it was too expensive? If that device contains electronics, that casual decision added to the e-waste that is slowly poisoning the planet.

South Dakota isn’t the first state to step in to defend its residents’ right to repair. In Massachusetts, legislators and voters passed legislation requiring automakers to provide affordable access to all tools, software and information used to repair late model cars and heavy duty vehicles. That legislation will go into effect in 2015.

SB 136 in South Dakota isn’t perfect—we’d love to see an additional requirement that the information be freely accessible and online, for example—but it’s an important step in the right direction.

The bill was debated in the Commerce committee today, and will move on to a larger vote later this week. If you live in South Dakota, contact your state senator today and tell him or her to support SB 136.

EFF Explains The History Of Surveillance And The Black Community

February is Black History Month and that history is intimately linked with surveillance by the Federal government in the name of “national security.”  Indeed, the history of surveillance in the African-American community plays an important role in the debate around spying today and in the calls for a Congressional investigation into that surveillance. Days after the first NSA leaks emerged last June, EFF called for a new Church Committee. We mentioned that Dr. Martin Luther King, Jr., was one of the targets of the very surveillance that eventually led to the formation of the first Church Committee. This Black History Month, we should remember the many African-American activists who were targeted by intelligence agencies. Their stories serve as cautionary tales for the expanding surveillance state.

The latest revelations about surveillance are only the most recent in a string of periodic public debates around domestic spying perpetrated by the NSA, FBI, and CIA. This spying has often targeted politically unpopular groups or vulnerable communities, including anarchists, anti-war activists, communists, and civil rights leaders.

Government surveillance programs, most infamously the FBI’s “COINTELPRO”, targeted Black Americans fighting against segregation and structural racism in the 1950s and 60s. COINTELPRO, short for Counter Intelligence Program, was started in 1956 by the FBI and continued until 1971. The program was a systemic attempt to infiltrate, spy on, and disrupt activists in the name of “national security.” While it initially focused on the Communist Party, in the 1960s its focus expanded to include a wide swathe of activists, with a strong focus on the Black Panther Party and civil rights leaders such as Dr. Martin Luther King, Jr.

FBI papers show that in 1962 “the FBI started and rapidly continued to gravitate toward Dr. King.” This was ostensibly because the FBI believed black organizing was being influenced by communism. In 1963 FBI Assistant Director William Sullivan recommended “increased coverage of communist influence on the Negro.” However, the FBI’s goal in targeting Dr. King was clear: to find “avenues of approach aimed at neutralizing King as an effective Negro leader,” because the FBI was concerned that he might become a “messiah.”

The FBI subjected Dr. King to a variety of tactics, including bugging his hotel rooms, photographic surveillance, and physical observation of King’s movements by FBI agents. The FBI’s actions went beyond spying on Dr. King, however. Using information gained from that surveillance, the FBI sent him anonymous letters attempting to “blackmail him into suicide.” The agency also attempted to break up his marriage by sending selectively edited “personal moments he shared with friends and women” to his wife.

The FBI also specifically targeted the Black Panther Party with the intention of destroying it. They infiltrated the Party with informants and subjected members to repeated interviews. Agents sent anonymous letters encouraging violence between street gangs and the Panthers in various cities, which resulted in “the killings of four BPP members and numerous beatings and shootings,” as well as letters sowing internal dissension in the Panther Party. The agency also worked with police departments to harass local branches of the Party through raids and vehicle stops. In one of the most disturbing examples of this, the FBI provided information to the Chicago Police Department that aided in a raid on BPP leader Fred Hampton’s apartment. The raid ended with the Chicago Police shooting Hampton dead.

The FBI was not alone in targeting civil rights leaders. The NSA also engaged in domestic spying that included Dr. King. In an eerily prescient statement, Senator Walter Mondale said he was concerned that the NSA “could be used by President ‘A’ in the future to spy upon the American people, to chill and interrupt political dissent.”

The Church Committee was created in response to these and other public scandals, and was charged with getting to the bottom of the government’s surveillance overreach. In response to its findings, Congress passed new laws to provide privacy safeguards, including the Foreign Intelligence Surveillance Act. But ever since these safeguards were put in place, the intelligence community has tried to weaken or operate around them. The NSA revelations show the urgent need to reform the laws governing surveillance and to rein in the intelligence community.

Today we’re responding to those domestic surveillance abuses by an unrestrained intelligence branch. The overreach we’ve seen in the past underscores the need for reform. Especially during Black History Month, let’s not forget the speech-stifling history of US government spying that has targeted communities of color.

EFF: What Pete Seeger Can Teach Us About The NSA

This article, written by EFF Legal Director Cindy Cohn, was originally published by the organization on Feb. 1. Editor’s Note: Many of Personal Liberty’s readers likely disagree with the late Pete Seeger’s political positions. But as Americans are increasingly confronted with government intrusions on privacy, Seeger’s reaction to government prying in his personal life is worth noting.

 “I am not going to answer any questions as to my association, my philosophical beliefs, or how I voted in any election, or any of these private affairs. I think these are very improper questions for any American to be asked, especially under such compulsion as this.”

Pete Seeger, 1955, testimony pursuant to subpoena before the House Un-American Activities Committee.

The world lost a clear, strong voice for peace, justice, and community with the death of singer and activist Pete Seeger last week. While Seeger was known as an outspoken musician not shy about airing his political opinions, it’s also important to remember he was once persecuted for those opinions, despite breaking no law. And the telling of this story should give pause to those who claim to be unconcerned about the government’s metadata seizure and search programs that reveal our associations to the government today.

In 1955, Seeger was called before the House Un-American Activities Committee, where he defiantly refused to answer questions about others who he associated with and who shared his political beliefs and associations, believing Congress was violating his First Amendment rights. He was especially concerned about revealing his associations:

I will be glad to tell what songs I have ever sung, because singing is my business. . . .  But I decline to say who has ever listened to them, who has written them, or other people who have sung them.

But if the same thing were to happen today, a Congressional subpoena and a public hearing wouldn’t be necessary for the government to learn all of our associations and other “private affairs.” Since the NSA has been collecting and keeping them, they could just get that same information from their own storehouses of our records.

According to the Constitution, the government is supposed to meet a high standard before collecting this private information about our associations, especially the political ones that the Congressmen were demanding of Seeger. For instance, under the First Amendment, it must “serve compelling state interests, unrelated to the suppression of ideas, that cannot be achieved through means significantly less restrictive of associational freedoms.”

It doesn’t matter whether the government wants associations to look for possibly “illegal” activities of civil rights activists, Communist sympathizers, anarchists, trade unionists, war resisters, gun rights activists, environmental activists, drug legalization advocates, or wants to go after legitimate criminals and potential terrorists, if the government can’t justify the collection of this “metadata” on this “strict scrutiny” standard, they’re not allowed to collect any of it. Yet right now, they collect all of it.

We’re still learning of all the ways the government is able to track our associations without anything like the due process and standards required by the First and Fourth Amendments, but it is the centerpiece of the NSA’s mass telephone records collection program under Patriot Act section 215, which EFF is fighting with our First Unitarian Church v. NSA case that focuses on the right of association.  Our lead client, the First Unitarian Church of Los Angeles, had its own role in resisting the House Un-American Activities Committee. It’s also part and parcel of the mass collection of content and metadata of people all around the world under section 702 of the FISA Amendments Act. And it’s a real concern even if the companies hold the data, as we’ve seen with the FBI’s self-certified National Security Letters and the Hemisphere program, where AT&T employees are embedded in government investigations so that they can more readily search through our phone records for the FBI, the DEA and others.

Each of these programs effectively allows the government to do to you what Pete Seeger refused to let them do to him—track your associations, beliefs and other private affairs without proper legal protections.  And they can do this at scale that was unimaginable in 1955, thanks to the digital nature of our communications, the digital tools that allow them to search automatically rather than by hand and the fact that so much more about these private affairs is in the hands of third parties like our phone and internet companies.

While Seeger escaped jail, he was convicted of contempt for his failure to answer these questions. Thankfully Joseph McCarthy and the Un-American Activities Committees were later widely condemned, and Americans understandably look back sadly and with embarrassment on time when the Committee forced Americans to reveal their own associations, along with the associations and beliefs of others.  With the passing of moral and artistic heroes like Seeger, we should redouble our efforts to make sure that our “private affairs” remain safe and the government’s ability to access them remains subject to careful controls.

Join EFF on February 11 to fight back against mass surveillance.

Free Sgt. Star: Army Ignores FOIA Request for Artificial Intelligence Records

This article, written by media relations coordinator and investigative researcher Dave Maass, was originally published by the Electronic Frontier Foundation.

Sgt. Star is a 6-foot-1, clean-shaven, strong-jawed white male, with eyes that match the camouflage pattern on his combat uniform. His voice is deep, authoritative and carefully enunciative. He seems to be in his 30s, but he is actually only about 7 years old.

Sgt. Star is not a real person, or at least not a corporeal one. He is a chatbot — an artificial intelligence program designed to hold conversations — that was commissioned by the U.S. Army to help with recruitment efforts. He can recognize questions and dispense answers, verbally and in text, and also help the user surf the GoArmy.com website. According to marketing materials, he has answered more than 11 million questions so far.

Last year, the Electronic Frontier Foundation filed a request with the Army to see if EFF could obtain him, or elements of him, through the Freedom of Information Act. More than 75 calendar days have passed, and the Army still hasn’t responded — not even to say it’s withholding the records.

Contemplation of military service is one the most personal and life-altering decisions an American can undertake, with lasting consequences. EFF is interested in learning how Sgt. Star works, what questions he was programmed to answer and whether the Army has found the project effective. As electronic privacy advocates, EFF also hopes to determine what happens to the records of conversations Sgt. Star has with potential recruits.

As chatbots grow in popularity, particularly in a commercial setting (a reporter from TIME even discovered a chatbot posing as a telemarketer), Sgt. Star is often pointed to as a successful model of how this technology can be used as a replacement for humans in providing customer service. The SGT STAR project (officially, it’s all-caps) began in 2007 with a partnership between U.S. Army Accession Command and the Spokane, Wash.-based company Next IT, which sells “intelligent virtual assistants” to businesses. In the years since Sgt. Star’s inception, he has expanded beyond his GoArmy interface and potential recruits can now interact with him through Facebook or download him to their mobile phones via an app launched by the Army last year. Sgt. Star also makes appearances at public events, such as NASCAR races and Future Farmers of America gatherings, where users can talk to a full-size projection developed by the Institute for Creative Technologies at University of Southern California.

EFF contacted programmer Bruce Wilcox, two-time winner of the Loebner Prize for Artificial Intelligence (aka “The First Turing Test”) for advice on what to ask for in a FOIA request. Wilcox suggested EFF seek Sgt. Star’s input patterns (all the phrases and keywords Sgt. Star is pre-programmed to recognize) and the scripted output answers (all the possible things Sgt. Star could say). In the FOIA letter, EFF requested these files as they existed for each year between 2007 and 2013, in order to compare how Sgt. Star’s answers evolved to reflect developments in global conflicts, changes to military benefit packages and new policies, such as the repeal of “Don’t Ask, Don’t Tell.”

To cover its bases, EFF widened the FOIA request to include all contracts regarding Sgt. Star, all annual and quarterly reports that reference Sgt. Star, any audits, and any privacy policies associated with the program. EFF also asked for whatever analytical data might be available, such as the number of conversations Sgt. Star has had, the duration of those conversations, the general geolocation of the users (broadly), the number of conversations that resulted in direct communication with a human recruiter and any estimate of manpower saved by using the AI.

Once EFF crafted the request, the next challenge was to determine which agency was responsible for Sgt. Star. With the disestablishment of the Accession Command in September 2012, it was unclear which division had inherited Sgt. Star. EFF started with the public affairs office of the U.S. Army Recruiting Command (USAREC) in Fort Knox, Ky. From there, EFF’s request bounced to the Army Marketing and Research Group, a new division created in October 2012. A representative initially said he would follow up in a week and get EFF whatever he could. That was last November, and EFF has yet to receive any further response, despite a follow-up letter filed shortly after the Army missed the 20-day FOIA response deadline. EFF even sent the Army a note that it was writing this blog post.

The Army can’t argue that none of the records EFF requested can be released. Sgt. Star’s individual responses are already publicly available on the Internet, provided a user enters all of the possible questions into the chat interface, so there’s no reason the script should not be available in aggregate. Next IT uses basic Sgt. Star statistics in its marketing materials. For example, the program has a 94 percent accuracy rate in answering questions and the average user interacted with the program for 10.4 minutes. The fact that a private company can access this data, but the public cannot, raises questions about both privacy and government transparency.

When filing a FOIA request like this, it’s important to anticipate how the release of information would serve the public interest. Military recruitment practices have long been a subject of public controversy, whether it’s regarding protests over recruiters on school campuses or the use of video games to spur combat interest in youths. Everyone from veteran advocates to peace activists to budget watchdogs could review how the Army uses emerging technology to inform and persuade potential recruits. Social commentators could create satire through augmented version of Sgt. Star by plugging his input and output scripts into a publicly available chatbot engine. EFF is especially concerned with how personal data is collected, stored and shared beyond what is disclosed in the online privacy policy for chatting with human recruiters. As government transparency activists, EFF also wants to ensure that digital records stored in unconventional databases are in the public domain.

When the Army Marketing and Research Group was founded, the division’s director, Mark S. Davis, said its mission was to “make the Army more transparent to the American public; explained in a way that is accessible and shows how truly extraordinary the U.S. Army and the American Soldier are.” If he still believes that, his office should let the American people see how truly extraordinary the Army’s virtual recruiter is by responding to EFF’s FOIA request.

Free Sgt. Star.

EFF: Government Views On Fair Use Troubling For Small Content Creators

This article, written by electronic freedom activist Parker Higgins and attorney Mitch Stoltz, was originally published by the Electronic Frontier Foundation.

Copyright reform hearings continue to lumber along in the House of Representatives, with Tuesday’s in the Judiciary Committee marking the seventh in as many months. This hearing was dedicated to “The Scope of Fair Use,” and though the panel of witnesses was more diverse than in some of the earlier hearings, there were still some disappointing trends in the conversation.

One area that got significant attention was the topic of mass digitization, which has been repeatedly determined by courts to be a fair and transformative use. Not only is it fair, but as Professor Peter Jaszi noted during the hearing it is also tremendously beneficial, enabling the indexing and searching of huge sets of works.

Several panelists, however, pointed to the legal status of mass digitization as evidence of “fair use creep,” stressing its supposed lack of “transformative” quality over the other fair use considerations. That’s a mistake. Mass digitization is absolutely the sort of thing fair use is supposed to enable. Fair use is a flexible doctrine, not a rigid list of exceptions, so that it can accommodate changes in practices or technology.

Even more troublingly, some panelists seemed fixated on the commercial character of a use in determining whether it could be considered fair. On the one hand, the Supreme Court is abundantly clear that commercial use does not preclude a finding of fair use. But to listen to some of the panelists Tuesday, the notion seemed to be that if anybody is making money, rightsholders want a cut—or worse, the power to veto the use in the first place. The definition of commercial use, too, was stretched to its breaking point: according to one panelist, an otherwise non-commercial video remix can be tainted with the label of commercial as soon as it is posted to an ad-supported platform like YouTube.

That same panelist—the songwriter and copyright expansion activist David Lowery—also repeatedly raised hip hop as an example of copyright working effectively without fair use because the genre has managed to achieve popularity despite often requiring licenses for musical samples. Of course, this characterization overlooks how licensing schemes limit what sorts of creativity are sanctioned under the law, and that seminal works in the genre simply could not be made under today’s understanding of sampling.

Taken together, these two themes represent a pernicious misconception that there are “legitimate” works—the ones presented by companies that belong to lobbying organizations with multi-million dollar budgets—and “illegitimate” ones that require permission to be created or commercially exploited.

In terms of the law, the Supreme Court rejected that argument over 100 years ago, and has been reaffirmed numerous times in cases like Campbell v. Acuff-Rose Music (“Whether … parody is in good taste or bad does not and should not matter to fair use”) and Yankee Publishing Inc. v. News America Publishing (“First Amendment protections do not apply only to those who speak clearly, whose jokes are funny, and whose parodies succeed”). Any understanding of fair use has to reflect that legal tradition.

Although it didn’t get much attention during Tuesday’s hearing, issues of fair use are complicated by the incredibly high penalties that can await those accused of infringement. These punitive fees discourage artists from actually exercising fair use rights as they create.

One panelist, Professor June Besek, recently suggested that statutory damages don’t need to be addressed, but her record on this issue is troubling. Writing to the Department of Commerce this month, Besek pointed to a $6,000 court judgment won by notorious copyright troll Prenda Law—a judgment that was almost certainly achieved by fraud—as an example of the current copyright law working well.

Professor Besek said that copyright penalties for individual file-sharers don’t need fixing at this time because cases like Prenda’s (brought using the law firm’s alter ego, AF Holdings, as plaintiff) result in damages “under $10,000.” It’s widely known that Prenda has coerced millions of dollars in “settlement” payments from Internet subscribers by building false copyright cases on a framework of shell companies, forged documents, lies to the courts, and threats of $150,000 penalties. Using an AF Holdings case to show that the copyright system is working well—because the fraud victim lost $6,000 instead of a possible $150,000—is bizarre, and casts doubt on Professor Besek’s testimony.

Tuesday’s hearing was cut short by other legislative action on the floor, but as Committee Chairman Goodlatte noted, it was “perhaps the most important copyright hearing” yet. Congress should continue to get the opinions of witnesses like Professor Jaszi and Naomi Novik from the Organization for Transformative Works—people that have experience with art and media that depends on fair use.

Scorecard: Will Obama Hit The Mark On Real NSA Reform?

The Electronic Frontier Foundation is planning to grade the President’s forthcoming National Security Agency “reform” package, and they’re asking Americans to make their wishes known before Obama unveils his plan on Friday.

By The Electronic Frontier Foundation    

On Friday, President Barack Obama will announce changes and potential reforms he will make to the National Security Agency (NSA). What can we expect? Many people are skeptical that the president will create meaningful limits to the NSA’s practice of sweeping up the digital communications of millions of people worldwide. Instead of actually stopping the spying, Obama could just make pronouncements calling for more transparency or additional layers of bureaucratic oversight. Basically, he could duck the most important thing he could do to show leadership: rein in government surveillance.

We’ve compiled a list of common-sense fixes that the President could—and should—announce at his briefing on Friday. Many of these are similar to measures proposed by the president’s own Review Group on Intelligence and Communications Technologies, which produced a report with over 40 recommendations last month. The list below is not comprehensive, but it addresses the central problems with NSA surveillance. Fixing all of them will go a long way toward restoring America’s trust in its government and resolving some of the most egregious civil liberties abuses of the NSA.

We’ll be scoring Obama’s presentation on Friday and we’ll let you know which, if any, of these reforms he supports. You can help us pressure Obama in the coming days by tweeting these reforms at him.

1. Stop mass surveillance of digital communications and communication records.

It doesn’t matter what legal authority is being cited—whether it’s the Patriot Act, the FISA Amendments Act, or an executive order—the government should not be sweeping up massive amounts of information by and about innocent people first, then sorting out whether any of its targets are included later. The NSA has disingenuously argued that simply acquiring this data isn’t actually “collecting” and that no privacy violation can take place unless the information it stores is actually seen by a human or comes up through an automated search of what it has collected. That’s nonsense. The government’s current practices of global dragnet surveillance constitute general warrants that violate the First and Fourth Amendments, and fly in the face of accepted international human rights laws. Obama needs to direct the NSA to engage only in targeted surveillance and stop its programs of mass surveillance, something he can do with a simple executive order.

 

2. Protect the privacy rights of foreigners.

The NSA’s surveillance is based upon the presumption that foreigners are fair game, whether their information is collected inside the US or outside the US. But non-suspect foreigners shouldn’t have their communications surveiled any more than non-suspect Americans. The review group recommended limited protections for non-US persons and while that is a good start, the president should do more to ensure that actual suspicion is required before either targeted or untargeted surveillance of non-US persons.

 

3. Don’t turn communications companies into the new Big Brother: no data retention mandate.

Obama’s review group recommended ending the NSA’s telephone records program, which we strongly agree with, but then indicated that a reasonable substitute would be to force American communications companies to store the data themselves and make it available to the government. The group ultimately recommended a data retention mandate if companies won’t comply voluntarily. But companies shouldn’t be pressed into becoming the NSA’s agents by keeping more data than they need or keeping it longer than they need to. To the contrary, companies should be working on ways to store less user data for less time—decreasing the risks from data breaches and intrusions like the one that just happened to Target. Data retention heads in the wrong direction for our security regardless of whether the government or private parties store the information.

 

4. National Security Letters need prior judicial review and should never be accompanied by a perpetual gag order.

One recommendation of the review group we heartily endorse is reining in National Security Letters. The FBI uses these letters to demand user data from communications service providers with no judicial review. Providers are forbidden from talking about receiving NSLs, which means the letters also serve as perpetual gag orders. EFF was successful in convincing a federal judge to strike down these NSLs last year. The case is on appeal but Obama can remedy the situation more quickly by instructing the FBI not to issue NSLs without prior judicial review, and to limit its use of gag orders.

 

5. Stop undermining Internet security, weakening encryption, and infiltrating companies.

Recent revelations show that the NSA is undermining Internet encryption, making us all less secure when we use technology. These practices include weakening standards, attacking technology companies, and preventing security holes from being fixed. As the president’s review group recognized, this has serious consequences for any industry that relies on digital security—finance, medicine, transportation, and countless others, along with anyone in the world who relies on safe, private communication. Obama should follow the recommendations of his review group and immediately stop the NSA’s efforts to undermine or weaken the security of our technologies.

 

6. Oppose the FISA Improvements Act.

The FISA Improvements Act, promoted by Sen. Dianne Feinstein, a stalwart defender of the NSA, would codify mass surveillance by the NSA and potentially extend the spying. Obama should make clear that he opposes the bill and would veto it if it came to his desk.

 

7. Reject the third party doctrine.

Obama should announce that it will be the policy of the Justice Department that data held by a third party (such as a telecom company or an Internet service provider) has the same constitutional protections as data stored at home. This will help correct deeply flawed Supreme Court rulings from the 1970s, which found that people who allowed companies store their data had no expectation of privacy in it, and will support efforts to update the Electronic Communications Privacy Act to reflect current realities of how we use technology.

 

8. Provide a full public accounting of our surveillance apparatus.

Obama is fond of saying that the public misunderstands the government’s surveillance programs because they are being brought to light in “dribs and drabs” based on whistleblower evidence. To remedy this, Obama should appoint an independent committee to give a full public accounting of surveillance programs that impact non-suspects around the world. This does not mean revealing specific methods for tracking terrorists, but it does mean providing a comprehensive review of the legal authorities relied upon and the surveillance programs that affect non-suspect members of the public. The appointed committee should directly engage whistleblowers like Thomas Drake, William Binney, Edward Snowden and others, and include independent technological experts.

 

9. Reform the state secrets privilege and stop overclassifying.

For years, the government has fought accountability in the courts by claiming all of the information related to surveillance programs is a “state secret.” The government should commit to continue the work started by Sen. Ted Kennedy to reform the state secrets privilege to ensure it is no longer used to shield abuses from public accountability. In a similar vein, the government routinely classifies documents that would pose no danger to our security if they are made public. In fact, the classification system is often abused to hide information about government abuses of power.  We need to embrace transparency, not secrecy, as the default, in our courts and our public discourse, both to better protect actual secrets and to better hold the government accountable for its actions.

 

10. Reform the FISA court: provide a public advocate and stop secret law.

There are myriad problems with the Foreign Intelligence Surveillance Court, the secretive court system that signs off on national security surveillance requests. Two of the biggest are: 1. One-sidedness: Government lawyers argue for surveillance authority in front of judges without any adversary in the room to argue for due process, privacy and civil liberties; 2. Secret law: The FISA court has created a huge body of secret law that impacts the communications of millions of Americans but is unknown to them. Obama should take preliminary steps to reform the FISA court by supporting calls for a public advocate to ensure an adversarial process in the courtroom. Further, the president should forbid the DOJ from blocking the publication of FISA court legal interpretations and only allow the redaction of true operational details.

 

11. Protect national security whistleblowers working for the public good.

Whistleblowers like Mark Klein, Kirk Wiebe, Thomas Drake, William Binney, Edward Snowden and others have provided the public with critical information about national security abuses that helped spark a much needed public debate about transparency, privacy, and the public’s relationship with its government. Yet some of these whistleblowers face decades in prison for their actions under outdated or misapplied laws. The president should not only instruct the DOJ to stop prosecuting whistleblowers who publicize information for the public good, but champion affirmative legislation to protect them.

 

12. Criminal defendants should know if national security surveillance is being used against them.

Recently released documents confirm that the NSA is sharing surveillance data with other US agencies, and that the FBI is running its own mass surveillance programs. Information gathered through these programs is being fed as “tips” into regular criminal investigations, with instructions to hide the origin of the information. This practice of intelligence laundering runs afoul of protections enshrined in the Fifth and Sixth Amendments, which guarantee a criminal defendant a meaningful opportunity to present a defense and challenge the government’s case. The president should make clear that criminal defendants have a right to be given notice of all surveillance information used to investigate or prosecute them as soon as risk to the investigation has passed and never later than when the accused faces trial.

We will publish a filled-out scorecard right after Obama’s speech on Friday. In the meantime, we have just days left before the announcement. Let’s use every moment we have to pressure Obama to really stop mass spying.

SCORECARD