Access to Your Email Without a Warrant: Updating ECPA For the Digital Age

“It sounded like a good idea at the time…”

When the Electronic Communications Privacy Act (ECPA) was passed in 1986, it aimed to set standards for law enforcement access to digital communications and privacy protections for users like us. Reasonable enough.

But time passed. Innovation in computing and Internet access progressed more quickly than anyone could have ever imagined, and policymakers struggled to keep up with a basic understanding of how the online tools that we use to shape our personal and office communications actually work.

As a result, we have a law that’s more outdated than one of these:

(In case you were wondering, that’s a pager.)

The patchwork quilt of standards that were modern in the mid ‘80′s are now woefully outdated – and an affront to even the most basic of our civil liberties.

Here’s how bad it is:

  • An email can be accessed without a warrant just because a message is over 180 days old. That dorky first email your partner sent you asking you out on a date six months ago and you’ve saved out of nostalgia? It’s open season for law enforcement!
  • Location information usage is ambiguous. ECPA does not have a clear policy on law enforcement access to your location data. With more and more apps and website relying on your position to serve you up localized content and directions on where you need to go, this is clearly a treasure trove of information waiting to be discovered without your consent. 

Luckily, Congress can make this right by moving legislation to fix ECPA forward. A large, bipartisan majority in the House (280+!) is already on board with a bill that would do just that — a rare feat for any piece of legislation on Capitol Hill. 

The Email Privacy Act — sponsored by Reps. Kevin Yoder (R-Kan.) and Jared Polis (D-Colo.) — is now the most popular bill in the House to not earn a vote.

But it doesn’t have to be that way. Demand Progress members are continuing to put the pressure on their legislators and Congressional leadership — and you can, too!

Click here to sign our petition calling on Congress to bring this bill to a vote — then ask your friends to do the same.

nytimes.com
When a Company Is Put Up for Sale, in Many Cases, Your Personal Data Is, Too

I have written about this before, but it’s worth reminding you. These days many companies offer an official privacy policy and an easier-to-read but not so official abridged version. Sometimes the two do not agree:

One example is Nest, an Internet-connected thermostat company that enables people to control their home energy use via their mobile devices. Acquired by Google for $3.2 billion last year, Nest has different online privacy pages with seemingly conflicting statements.

One page, in colloquial English, says that the company values trust: “It’s why we work hard to protect your data. And why your info is not for sale. To anyone.”

Another page, containing Nest’s official privacy policy, however, says: “Upon the sale or transfer of the company and/or all or part of its assets, your personal information may be among the items sold or transferred.”

I know privacy policies are long and boring, but it’s worth at least scanning them to get a sense of what will happen to the information the company collects about you if they ever sell or go under. You may not like what you find.

Male space is an inside job

Male space is an inside job #Malespace #addiction #Mensrights #Drugrehab #MGTOW

Spanning throughout the network of modern men’s media you will find a substantial amount of perspective on the concept of “male space.” You’ll see a lot of harsh commentary from men who feel male space has been encroached upon by gender ideologues who believe that male occupied space is inherently dangerous to women. This certainly would appear to be the case when you consider many traditionally…

View On WordPress

anonymous asked:

Is it alright if a potential boss asked for your passwords to Facebook, tumblr and other personal apps?

NO NO NO. That’s private information that you do NOT have to give to anyone, especially someone who is using their position of power to take advantage of you. It’s sketchy enough that employers are looking at your public information online, they really should not be looking at your private information.

Our cultural narrative about privacy is completely backward: What we really fear is not that the internet — or a prospective employer, or a nosy lover, or Big Brother — knows too much about us, but that it knows too little; that it fails to encompass Whitman’s multitudes which each of contains; that it reduces the larger, complex truth of who we are to a few fragmented facts about what we do; that it hijacks our rich, ever-evolving personal stories and replaces them with disjointed anecdotal data.
—  Some thoughts on how to own your story.

NSA surveillance: how librarians have been on the front lines to protect privacy

In the hours before US senators voted to take on the might of the National Security Agency this week, their inboxes were deluged with more than 2,200 supportive emails from a most unlikely group of revolutionaries: America’s librarians. 

Keep reading

9

New comic! (link)

Other: Part 1. This comic is a quick overview of what surveillance means and how we can’t avoid interacting with it.

The killer is, there’s no ‘off the grid’. That step where they compare you against norms and patterns? (3: analysis and response), well, that’s where when you’re something weird, or unexpected, you get flagged for further scrutiny. You can’t disengage from all our surveillance systems without it looking weird, and once it looks weird, you’re right back in the system, tagged as 'weird’ somewhere for someone to look up one day.

Now, not all surveillance is bad. Public health does a lot of surveillance, and when it’s done ethically, they’re trying to track health issues and implement plans that make our communities safer. And some of it is a trade off: want to vote? there has to be some way of keeping track of registered voters, so that’s just part of a democratic process.

But it’s happening. every organized system you are part of is gathering and storing information on you. Heck, even your volunteer position has your name and number and emergency contact somewhere, doesn’t it?

And the bar for understanding and reacting to this is so fucking high, it’s essentially impossible for people who haven’t made a whole career out of understanding it. No one understand what Apple’s ToS means as a whole, and so when we click 'ok’, what are we really consenting to? Is that even consent?

Tune in shortly for the next installment: Classification, You, and Everyone Else!

In the privacy of a doctor’s office, a patient can ask any question and have it be covered under doctor-patient confidentiality. But what happens when patients want to search possible symptoms of a disease or ailment online?

It’s common to search for treatments for a migraine or stomach pain on WebMD, or a flu strain on the Centers for Disease Control and Prevention website. But there’s no way to know who else may be privy to that search information. So where do the data go when a patient presses enter?

Online Health Searches Aren’t Always Confidential

Illustration credit: Stuart Kinlough/Ikon Images/Getty Images

Recently, mediocre singer (but excellent future infomercial host) Michael Buble got in hot water for posting a pic he snagged of a woman in shorty shorts. And some were offended when Neil Patrick Harris took a break from being a horrible Oscars host to expose the unusual behavior of this New York City subway rider:

For some, this issue is very simple: It’s wrong to take pictures of people without their permission. I’ll admit that stance is clear and straightforward, but I also don’t find it compelling. No one disputes that drilling a hole in a dressing room wall to snap pics is wrong. Everyone agrees using a telephoto lens to take shower pics of your neighbor can’t be defended.

But when you’re out in the world, can you really expect that no one will take your picture? You’re putting yourself out in public. If people don’t need permission to look at you, what is the ethical reason they’d need permission to save one millisecond of that glance? What changes the ethical question of holding an image in your memory versus holding it in your phone? I think if we answer that question honestly, it’s the things that might be done with the photo and not merely that someone memorialized a millisecond of your appearance or behavior that you were already showing the world.

5 Ethical Questions On Posting Photos Of Strangers Online

reason.com
Yoink! TSA Publicizes Man Traveling with Bag of Cash. Then Feds Seize It.
Now he may have to prove the money is not involved with any crime to get it back.

Happy Independence Day weekend, America! What better example of what “freedom” has come to mean in the United States than a situation where an airline passenger, after being prodded and searched by the federal Transportation Security Administration (TSA), has his property photographed and publicized online by the TSA and then seized.

Was said property a gun or a bomb? Was he arrested and charged with a crime? No and no. It was cash. The man was carrying thousands of dollars in a bag through the airport at Richmond, Virginia. According to a TSA spokesperson, the “unknown bulk” of the bag’s contents triggered alerts, so they searched and found the money. Then somebody decided they should photograph this man’s personal property (by which I mean $75,000 or so) and post it on Twitter. To say that this is a violation of the man’s privacy would have to assume that the TSA has any grasp of what privacy even is.

There were some outraged responses from some people on Twitter at this flippant exposure by the TSA. But that’s just the insult. The injury is that a federal agency then seized the man’s cash. He now has to prove that the money is his and that it has no connection to any illegal activities, or the government may just keep it. The Washington Post, noting the seizure, points to TSA blog post from 2009 providing the agency’s justification for its behavior:

TSA officers routinely come across evidence of criminal activity at the airport checkpoint. Examples include evidence of illegal drug trafficking, money laundering, and violations of currency reporting requirements prior to international trips.

When presented with a passenger carrying a large sum of money through the screening checkpoint, the TSA officer will frequently engage in dialog with the passenger to determine whether a referral to law-enforcement authorities is warranted.

The TSA officer may consider all circumstances in making the assessment, including the behavior and credibility of the passenger. Thus, a failure to be forthcoming may inform a TSA officer’s decision to call law-enforcement authorities.

So even though it’s perfectly legal to carry huge sums of cash onto a plane, if you refuse to answer TSA agents’ questions about the money, or they just don’t believe you, or they just gin up whatever reason they like, they can summon law enforcement to seize it and then force you to grapple with the federal government’s incredibly complicated asset forfeiture process just to try to get it back (check out a flowchart here).

Joel Holmberg, Changing My Password, 2013

Single-channel audio soundwork; 18’24”. Courtesy the artist.

Joel Holmberg’s Changing My Password in “The Great Ephemeral” is the transcription of a telephone conversation between a customer-service representative and an artist (played by Holmberg himself), who expresses concerns that he may have compromised his bank account’s safety by sharing answers to his private security questions in a forthcoming published interview. While the conversation is humorous, the artist’s fears resonate with both high-profile hackings—actor Jennifer Lawrence’s childhood nickname “Nitro” led to the leaking of nude photographs, and the name of Paris Hilton’s dog provided the key to her infamous sex tape, for example—as well as the daily realities of those living outside the media spotlight. Holmberg’s work questions how we “secure” ourselves amid a proliferation of consumer identities that are subject to collection, monetization, and surveillance by an indiscernible number of forces, from private companies to third-party marketers to the government.

Holmberg’s work includes sculpture, painting, performance, and sound- and web-based work. As with Changing My Password, his pieces often exploit consumer access points set up by corporations—such as customer-service call centers and Yahoo! Answers, Yahoo!’s forums for public discussion—to subvert the behaviors and codes of such spaces and call their larger structures into question.