Digital privacy, surveillance, data protection, civil liberties
This article discusses the potential risks associated with the sale of precise geolocation data. The author argues for a ban on the sale of such data due to its potential misuse by malicious actors. The piece highlights the growing concern over privacy and security implications as this sensitive information becomes more widely accessible.
Privacy consultant Alexander Hanff claims that Google Chrome, despite its marketing, lacks protection against browser fingerprinting. This technique tracks users online by collecting specific technical details about their browser, and Hanff asserts that Chrome is vulnerable to this common tracking method.
The Electronic Frontier Foundation (EFF) is calling for the release of journalist Ahmed Shihab-Eldin, who was arrested in Kuwait on charges including spreading false information and harming national security. His arrest is believed to be related to his reporting on a U.S. military aircraft crash and subsequent social media posts. This incident occurs amidst a broader crackdown on reporting in Kuwait, with new decrees targeting information that could undermine the military.
An audit found that major tech companies like Google, Meta, and Microsoft are failing to comply with California's privacy law by not honoring opt-out requests for online tracking. These companies only respected these requests about half the time, indicating a significant gap in their privacy compliance practices.
Governments worldwide are increasingly weaponizing internet connectivity through shutdowns, throttling, and selective restoration, a trend that has escalated significantly since the Arab uprisings of 2011. What began as emergency measures has evolved into a normalized infrastructure of control, with a record 304 internet shutdowns imposed across 54 countries in 2024. This practice restricts access to information, work, and essential services, shaping public discourse and dissent.
Congress is preparing to debate the reauthorization of a surveillance program that allows U.S. spy agencies to access communications of foreign individuals. This debate occurs as some lawmakers are advocating for stronger privacy protections for U.S. citizens.
While grassroots opposition to renewing FISA Section 702 is growing, fueled by concerns over AI's role in data surveillance, Democratic leaders are not actively campaigning against its extension. This suggests a potential lack of robust political pushback despite public anxieties.
Amandla Thomas-Johnson, a former international student, had his Google data handed over to ICE by Google without prior notification. This action broke Google's decade-long promise to inform users before releasing their data to law enforcement. The EFF has filed complaints against Google for deceptive trade practices in California and New York regarding this incident.
The Electronic Frontier Foundation (EFF) has urged the attorneys general of California and New York to investigate Google for deceptive trade practices. This action stems from Google allegedly failing to notify users before disclosing their data to law enforcement, as promised by the company.
Virginia Governor Abigail Spanberger has signed S.B. 338 into law, which prohibits the sale of precise geolocation data belonging to Virginians. This legislation aims to protect citizens' privacy by restricting the commercialization of their location information.
The US government intends to leverage AI for analyzing American data acquired through data brokers and foreign intelligence surveillance, often without a warrant. EPIC urges Congress to close loopholes concerning these data collection methods before renewing Section 702 of the Foreign Intelligence Surveillance Act.
EPIC has joined an ACLU-led coalition of over 70 organizations in an open letter urging Meta to halt plans for facial recognition in its Ray-Ban smart glasses. EPIC has opposed this initiative since its existence was revealed, and previously asked the FTC and state enforcers to investigate this privacy abuse.
EPIC has filed an amicus brief in support of South Carolina's Age-Appropriate Design Code (AADC) against tech industry challenges. The AADC aims to protect minors' data and allow users to opt out of surveillance-based algorithmic feeds that manipulate engagement.
The Electronic Frontier Foundation (EFF) is participating in the HOPE 26 conference from August 14-16 in Manhattan. The event provides a platform for community learning and connection around digital civil liberties, with EFF technologists, attorneys, and activists presenting on topics such as location data privacy, digital rights, and surveillance.
The Electronic Frontier Foundation (EFF) has updated its guide, "Surveillance Technology at the U.S.-Mexico Border," to help people identify homeland security machinery. The updated zine includes more surveillance towers, military tech, disguised trail cams, and automated license plate readers, based on research including vendor materials and public records requests.
Gulf states are intensifying efforts to silence dissent and restrict the flow of information under the guise of wartime "misinformation." This includes narrowing the operating space for journalists, criminalizing social media activity, and leveraging existing cybercrime and media laws to suppress any form of dissent.
Claims that Microsoft is operating a massive corporate espionage operation through LinkedIn's browser extension are being examined by security researchers. Initial findings suggest the extension's probing activity may not constitute spying as alleged, potentially refuting broader espionage claims.
The article discusses how football stadiums are increasingly adopting facial recognition technology, ostensibly for security purposes. However, this expansion of surveillance capabilities raises significant privacy concerns regarding the scope and potential misuse of the collected data.
Law enforcement agencies in Hungary, El Salvador, and the U.S. have reportedly used a surveillance tool named Webloc. This system, developed by Cobwebs Technologies and now managed by Penlink, leverages advertising data to track the geolocation of approximately 500 million devices globally.
Oklahoma and Alabama have passed consumer privacy laws that critics argue are insufficient in protecting personal data from abuse. These laws are similar to those enacted in other states like Virginia. Advocacy groups like EPIC and U.S. PIRG have criticized these laws for their lack of meaningful protections.
Threat actors have successfully breached the telehealth company Hims, potentially gaining access to highly sensitive Protected Health Information (PHI). This data could include details about users' physical conditions such as baldness, obesity, and impotence. The article explores the potential implications and misuse of this stolen personal health data.
The Massachusetts Supreme Judicial Court ruled that Section 230 of the Communications Decency Act does not shield Meta from claims that it designed its social media platforms to be addictive and misled users. The court allowed the Commonwealth's claims to proceed, rejecting Meta's broad interpretation of Section 230 immunity.
This article discusses the upcoming reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA), a US government surveillance tool. The Electronic Frontier Foundation (EFF) urges Congress to enact substantial reforms, citing concerns about potential warrantless access to US citizens' communications collected incidentally through foreign surveillance.
Google has expanded end-to-end encryption (E2EE) for Gmail to all Android and iOS mobile devices. This feature allows enterprise users to send and receive encrypted emails directly within the Gmail app without requiring separate browser extensions or tools.
Senator Bernie Sanders recently discussed AI and privacy with Claude, an AI assistant. The conversation reportedly covered these topics effectively, with Claude demonstrating a good understanding of the issues.
This article discusses the pervasive nature of data collection and its potential for misuse by both governments and corporations. It highlights how data, even if anonymized, can be re-identified and used for surveillance, manipulation, and discrimination. The piece calls for greater scrutiny and regulation of data practices.
The article reports on a situation where ICE attempted to obtain the identity of a Redditor who criticized them, but their initial summons to Reddit failed. Now, the Trump administration is reportedly escalating this effort by taking the case to a secret grand jury, raising concerns among advocates about a broader crackdown on dissent.
The FBI has reportedly extracted Signal chat data from an iPhone's notification logs, a method that bypasses Signal's end-to-end encryption by accessing unencrypted data. Separately, leaked police data from Los Angeles, an investigation into a Meta employee for downloading private photos, and a zero-day exploit for Adobe Reader are also highlighted.
EPIC has submitted testimony to the Rhode Island House Innovation Internet and Technology Committee, proposing enhancements to the Rhode Island Age-Appropriate Design Code (AADC). This code aims to bolster privacy and online safety measures for minors.
The Electronic Frontier Foundation (EFF) is leaving the social media platform X (formerly Twitter) after nearly twenty years. This decision stems from a significant decline in engagement metrics and a lack of transparency and security improvements since Elon Musk's acquisition.
A hack-for-hire campaign, potentially linked to the Indian government, has targeted journalists, activists, and government officials throughout the Middle East and North Africa (MENA) region. This campaign, as uncovered by Access Now, Lookout, and SMEX, notably focused on Egyptian journalists and critics. The attackers employed sophisticated methods to gain access to their targets.
A European company, BrowserGate, is accusing LinkedIn of "illegally searching your computer" and conducting corporate espionage by collecting data on installed software from its users. LinkedIn denies these specific accusations, stating they scan for browser extensions to detect abuse and ensure site stability, but has not clarified if this data is used solely for those purposes.
This article discusses the issue of 'mission creep' in police surveillance technologies, where tools initially intended for serious crimes are used for minor offenses or to track protestors. It highlights recent developments from the EFFector newsletter, including calls for NSA spying reform and a legal victory regarding internet access, as well as the normalization of mass surveillance through license plate readers.
The Arab Spring initially empowered citizens through digital tools, but over the past decade, these same tools have been co-opted by governments into sophisticated surveillance apparatuses. This shift has transformed personal devices and online platforms into potential weapons for state control, influencing global digital authoritarianism.
The EU Parliament has voted against extending a temporary exemption that allowed service providers to conduct voluntary mass scanning of private communications. While this is a win for privacy, the 'Chat Control' proposal for mandatory scanning of child abuse material is still under negotiation, and tech companies have indicated they will continue voluntary scanning practices.
Hong Kong police can now legally compel individuals to reveal encryption keys for their electronic devices under a new law. This applies even to those transiting through the airport, as authorities have revised the enforcement rules for the National Security Law.
A New Mexico court ruling against Meta has raised concerns about the future of end-to-end encryption. The ruling, which found Meta liable for design choices that facilitated harm, used the implementation of encryption in Facebook Messenger as evidence against the company. This decision could have negative implications for security and privacy.
Sensitive gate security codes for U.S. Customs and Border Protection (CBP) facilities were reportedly exposed through publicly accessible flashcards on the Quizlet platform. The leaked information includes facility codes that could potentially aid unauthorized access or provide insights into operational security.
The Electronic Frontier Foundation (EFF) is hosting three events in New York featuring Executive Director Cindy Cohn to discuss her new book, "Privacy's Defender: My Thirty-Year Fight Against Digital Surveillance." These events will cover data security, digital rights, and the challenges of maintaining privacy in an online world.
The FAA issued a nationwide flight restriction preventing drone operators from flying near ICE or CBP vehicles, which EFF argues infringes on the First Amendment right to record law enforcement. This "temporary" restriction is set to last 21 months and carries potential criminal and civil penalties for violators.
Data privacy labels for mobile apps are intended to inform users about data collection practices. However, the current implementation of these labels is inconsistent and often fails to accurately represent the data being gathered.
LinkedIn is reportedly using hidden JavaScript on its website to scan visitors' Chrome extensions and collect device data without explicit consent. This practice, detailed in a report called "BrowserGate," raises privacy concerns and has been compared to malicious data collection tactics.
LinkedIn is reportedly using hidden JavaScript on its website to scan visitors' Chrome browsers for over 6,000 installed extensions and collect device data. This "BrowserGate" report indicates that LinkedIn is not just collecting data about users' interactions with its platform but also potentially sensitive information about their browsing habits and installed tools.
The Electronic Frontier Foundation (EFF) is hosting two events in Washington D.C. on April 13th and 14th featuring EFF Executive Director Cindy Cohn discussing her new book, "Privacy's Defender: My Thirty-Year Fight Against Digital Surveillance." The events will cover topics related to data security, digital surveillance, and online privacy.
EPIC has released a new resource urging Congress to address state surveillance by closing data broker loopholes. The initiative aims to protect individuals from the unchecked collection and use of their personal information by government entities.
WebinarTV is actively searching the internet for publicly shared Zoom meeting invitations. The company then joins these meetings, records them without participants' knowledge, and subsequently publishes the recordings, often transforming them into AI-generated podcasts.
A California Superior Court jury found Meta and YouTube liable for harming a user and deceiving young users about platform safety. However, the article argues that these jury decisions, which may be appealed and involve First Amendment and Section 230 immunity, should not be seen as a precedent for weakening speech protections for all platforms.
A coalition of 63 civil society organizations, including EPIC, has signed a letter urging Meta to halt its plans to integrate facial recognition technology into its smart glasses. The organizations express strong opposition to the deployment of this technology, citing privacy and surveillance concerns.
The Electronic Frontier Foundation (EFF) submitted a report to the UN OHCHR detailing how government laws and policies, often framed as security measures, are increasingly restricting the fundamental rights of human rights defenders (HRDs) in the digital age. This includes the misuse of cybercrime and national security laws for prosecution, expanded surveillance, internet disruptions, and the deployment of spyware, all of which hinder HRDs' ability to communicate, document abuses, and access support.
WhatsApp has alerted approximately 200 users who were tricked into installing a fake iOS app that contained spyware. The majority of those targeted are in Italy, and threat actors are believed to have used social engineering tactics to achieve this. An Italian firm is reportedly facing action in connection with this incident.
