Tech faces public anger over internet privacy repeal – BY ALI BRELAND – 04/02/17 08:30 AM EDTw

© Getty Images

The Republican push to eliminate Obama-era consumer data protections is sparking a new national debate over online privacy, and putting internet companies on the defensive.

The measure blocking the online privacy rules is on the desk of President Trump, who is expected to sign it.

But the firestorm of controversy shows no signs of easing. Broadband titans such as AT&T and Comcast and web giants like Google and Facebook now find themselves under growing pressure over their privacy policies.

“We’ll definitely make it pretty clear what right was given away and the extent that it was given way,” vowed Ernesto Falcon, legislative analyst at the Electronic Frontier Foundation.

The rules passed by the Federal Communications Commission would have restricted internet service providers from selling consumer data deemed “sensitive,” including app usage information and web browsing history, without consent. That data is used for targeted ads directed at consumers.

The rules passed in 2015 with little fanfare, the result of the FCC’s net neutrality rules, which brought internet providers under the agency’s authority.

Critics, though, said the FCC rules treated broadband providers such as cable and phone companies tougher than internet companies such as Yahoo or Facebook, which are able to sell their consumer data under the Federal Trade Commission’s privacy framework.

Republicans moved quickly to kill off the FCC privacy rules that were slated to take effect later this year.

Article continues:

Comcast-Funded Civil Rights Groups Claim Low-Income People Prefer Ads Over Privacy -March 29 2017, 7:27 a.m

THE HOUSE OF REPRESENTATIVES joined the Senate Tuesday in voting to repeal new Federal Communications Commission rules that would have stopped internet service providers (ISPs) from using and selling consumers’ web browsing data without their consent.

Supporters of the repeal have argued that regulators failed to, in the words of Sen. Ted Cruz, R-Texas, address the “strenuous objections from throughout the internet community” raised during the rule-making process.

But a look at the comments submitted to the FCC reveal that many of the opponents of the privacy regulation came not from any “community” but from groups with extensive financial ties to phone and cable companies — with some of their claims hinging on the absurd.

For instance, the League of United Latin American Citizens and OCA – Asian Pacific American Advocates, two self-described civil rights organizations, told the FCC that “many consumers, especially households with limited incomes, appreciate receiving relevant advertising that is keyed to their interests and provides them with discounts on the products and services they use.”

Article continues:

Christopher Soghoian: Your smartphone is a civil rights issue – Filmed June 2016 at TEDSummit

The smartphone you use reflects more than just personal taste … it could determine how closely you can be tracked, too. Privacy expert and TED Fellow Christopher Soghoian details a glaring difference between the encryption used on Apple and Android devices and urges us to pay attention to a growing digital security divide. “If the only people who can protect themselves from the gaze of the government are the rich and powerful, that’s a problem,” he says. “It’s not just a cybersecurity problem — it’s a civil rights problem.”



How Your Health Data Lead A Not-So-Secret Life Online – ANGUS CHEN July 30, 2016 5:00 AM ET

Katherine Streeter for NPR

Katherine Streeter for NPR

There are apps that can help people with diabetes keep track of their blood sugar and apps that can attach to a blood pressure cuff and store blood pressure information. I use an app called ZocDoc to schedule and manage doctor’s appointments. Every time I see a therapist or a primary care doctor or dentist, the data get stored in my personal account.

But we leave behind other trails of health data, too, from apps and activities that are sometimes only tangentially health related. When I walk down the street, an app on my phone logs steps as it bounces against my thigh. When I swipe a loyalty card at the pharmacy, the over-the-counter medications that I buy become bits of data attached to my name. Medical information can be gleaned from all this and more, says Nathan Cortez, a professor of law at the Southern Methodist University Dedman School of Law.

Outside In

This week the NPR podcast and show Invisibilia explores how people change from the outside in. We look at an all-women debate team in Rwanda, a country that has declared gender equality. We look at twins who introduced an app into their relationship and how it changed them. And a man who met a bird that transformed his view of the world.

Those data aren’t always protected. A recent report from the Department of Health and Human Services showed that the vast majority of mobile health apps on the marketplace aren’t covered by the Health Information Portability and Accountability Act. “HIPAA is pretty narrow as far as these things go. It applies only to traditional entities [like hospitals, doctors and health insurance providers], and it’s not surprising. HIPAA was written by Congress in 1996 before we had health apps,” Cortez says.

Apps or devices used in conjunction with a doctor’s office or a hospital can’t share or sell your information. But there’s no definitive federal law governing what happens to the data that an app developer, tech company or private individual collects. Cortez and I spoke about what that means and what people can do with individuals’ data. This interview has been shortened for length and clarity.

So if you share your data with a physician or a hospital, then it’s covered under HIPAA. If you share it with someone like Apple, then it’s not?

Article continues:

Apple Lambasts the FBI for Not Asking the NSA to Help Hack That iPhone – KIM ZETTER. 03.15.16. 8:40 PM

In the showdown between Apple and the Justice Department over an iPhone used by one of the San Bernardino shooting suspects, one question has loomed large. Why hasn’t the FBI sought assistance from the National Security Agency—which employs some of the nation’s top hackers—to crack into the iPhone? Apple has touched on that question lightly in other briefs filed in the case, but today it focused on it more extensively in its latest brief submitted to the court.

“The government does not deny that there may be other agencies in the government that could assist it in unlocking the phone and accessing its data; rather, it claims, without support, that it has no obligation to consult other agencies,” Apple wrote, noting that FBI Director James Comey danced around the question of NSA assistance when asked about it during a recent congressional hearing.

And if the FBI can’t on its own break into iPhones without NSA help, it should invest in developing that capability, Apple says, instead of seeking unconstitutional ways to force tech companies to assist it.

“Defining the scope of the All Writs Act as inversely proportional to the capabilities of the FBI removes any incentive for it to innovate and develop more robust forensic capabilities,” Apple wrote. The company quotes Susan Landau, a professor of cybersecurity policy at Worcester Polytechnic Institute, who has said that “[r]ather than asking industry to weaken protections, law enforcement must instead develop a capability for conducting sophisticated investigations themselves.”

Article continues:

Behind the U.S. Legal Counterstrike in Apple iPhone Battle – Massimo Calabresi March 11, 2016

U.S. prosecutors filed a scathing attack against Apple Thursday in the court battle over access to the iPhone 5c used by one of the shooters in the San Bernardino terrorist attack that killed 14 people. The prosecutors accused the tech company of undermining core principles of American justice, deliberately blocking traditional law enforcement powers for marketing purposes and being more responsive to Chinese government requests than those made by U.S. Justice Department officials.

FBI Director James Comey testifies on Capitol Hill in Washington, Tuesday, March 1, 2016, before the  House Judiciary Committee hearing on 'The Encryption Tightrope: Balancing Americans' Security and Privacy.' ( AP Photo/Jose Luis Magana)

FBI Director James Comey testifies on Capitol Hill in Washington, Tuesday, March 1, 2016, before the House Judiciary Committee hearing on ‘The Encryption Tightrope: Balancing Americans’ Security and Privacy.’ ( AP Photo/Jose Luis Magana)

“Apple’s rhetoric is not only false, but also corrosive of the very institutions that are best able to safeguard our liberty and our rights,” Assistant U.S. Attorney for the Central District of California Tracy Wilkison wrote in arguing the company should have to comply with a court order to help the FBI gain access to the phone. “If Apple can provide data from thousands of iPhones and Apple users to China and other countries, it can comply with [the court order] in America.”

Much of blistering rhetoric in the March 10 government filing was designed to match the charged language Apple executives and lawyers used in response to a Feb. 16 court order that would have forced Apple to give the FBI access to the phone used by Syed Rizwan Farook, the County employee who was killed after he launched the attack.

But buried deep within the government’s filing Thursday is a less theatrical, more targeted attack on the central argument Apple has leveled in its defense: that the court is venturing into dangerous new territory by forcing Apple to create new software, rather than simply turning off programs it has already produced and sold.

The magistrate in the U.S. District of Central California ordered Apple to write software that would prevent the contents of Farook’s iPhone from being erased, allowing the FBI to safely crack the access code. Farook’s iPhone 5c, which belonged to the County, was automatically programmed to erase its contents after 10 failed attempts to guess its four-digit access code.

Apple resisted the order, saying it could lead to a dangerous expansion of government powers. Apple CEO Tim Cook wrote a strongly-worded letter to customers warning a victory by the government could lead to a “chilling” threat to privacy. Apple lawyer Ted Olson, the former Solicitor General of the United States under George W. Bush said the government was seeking “limitless” powers “that would lead to a police state.”

Article continues:


Called Out – By Henry Farrell March 7, 2016

The Global Consequences of Apple’s Fight With the FBIScreen Shot 2016-03-08 at Mar 8, 2016 2.44

By now, the details of Apple’s fight with the FBI are well known: the FBI wants access to an iPhone belonging to the deceased terrorism suspect Syed Farook, who was involved in the San Bernardino, California, attack on December 2, 2015. Farook’s iPhone is encrypted, so the FBI wants Apple to issue a tailored software update that would allow it to bypass the encryption. Apple has responded by refusing to write special software that would eliminate its security protections.

For both sides, the stakes are high. Apple says that complying with the FBI’s orders would set a dangerous precedent, and the FBI hopes that the court will decide in its favor, which it claims would be “instructive for other courts.” There is no real middle ground. Apple might be willing to cooperate with the FBI to solve some terrorismcases (although it is not at all clear that Farook’s work-issued phone is hiding any substantial secrets). But if Apple did offer its help, the FBI and law enforcement authorities would surely be tempted to take advantage, expanding the areas on which they seek collaboration.

Apple and the FBI are also aware that their domestic fight may have serious international repercussions. The outcome of their dispute will create an important precedent for foreign law enforcement agencies that seek data from Apple and other technology firms such as Facebook and Google.

If the FBI wins its case, foreign law enforcement agencies will surely take note. Already, governments are increasingly forcing technology companies to give up their customers’ data, no matter where they are located. Brazil just jailed Facebook’s vice president for Latin America for a day to pressure Facebook to release data wanted for a criminal investigation. France’s Parliament has just voted for a legislative amendment that would impose prison sentences and fines on technology companies that refuse to cooperate in terrorism inquiries. If the FBI wins a concession from Apple, Apple may soon find itself pressured by law enforcement officials in other countries, many of which may not share the United States’ liberal values.

FBI Director James Comey testifies during a House Judiciary hearing on "The Encryption Tightrope: Balancing Americans' Security and Privacy" in Washington, March 2016.

FBI Director James Comey testifies during a House Judiciary hearing on “The Encryption Tightrope: Balancing Americans’ Security and Privacy” in Washington, March 2016.

An Apple win would also be of global consequence. It would embolden Apple to strengthen its encryption and software update systems so that it would be nearly impossible for it to comply with similar orders from other governments. This would allow Apple to preempt demands from officials worldwide, but at the expense of making it harder for Apple to comply with legitimate law enforcement requests—not to mention making it harder for Apple to help its own customers when they forget their passwords and lose access to their data.

Apple and the FBI are aware that their domestic fight may have serious international repercussions.

Article continues:

Tech Companies, Security Experts Express Support For Apple – CAMILA DOMONOSKE Updated March 3, 20168:26 PM ET Published March 3, 20166:21 PM ET

Apple’s legal battle with the FBI over iPhone encryption continues: A federal magistrate, at the FBI’s request, has ordered the tech giant to write software to help investigators circumvent iPhone security features to access a phone used by one of the San Bernardino shooters. Apple is fighting the order, calling it dangerous, illegal and unconstitutional.

Today was the deadline for amicus briefs, or “friend of the court” filings in the case.

Some big names are throwing their weight behind Apple — Intel and AT&T have filed briefs, as well as Google, Facebook, Amazon, Microsoft, Snapchat, Box, Slack and Yahoo.

Relatives of some of the victims of the San Bernardino shooting, meanwhile, have filed to support the federal government’s position. Several law enforcement associations also oppose Apple, according to the Department of Justice.

The briefs filed on behalf of Apple (which have been shared by the company) reveal a wide swath of concerns affected by the question of smartphone security.

Here’s a sampling:

The Risk To Dissidents’ Lives

International human rights and technology nonprofit Access Now, along with Wickr Foundation, a nonprofit group affiliated with the messaging app Wickr, looked at the international implications, particularly the risk for dissidents facing oppressive governments:

“Deliberately compromised digital security would undermine human rights around the globe. Pursuant to international law, the United States has a duty to foster basic human rights such as freedom of expression and privacy. The assistance sought by the government not only diminishes the commitment of the United States to uphold those fundamental rights in the digital age, but also keeps Apple from fulfilling its own responsibilities to respect the human rights of users.

“Technology and connectivity have empowered millions around the world to demand social and political change — but criminals and authoritarian regimes exploit the same technology to identify and persecute protesters, democracy activists, bloggers and journalists. In some countries, reliable security tools such as encryption can be the difference between life and death. The relief sought by the government endangers people globally who depend on robust digital security for their physical safety and wellbeing.”

Article continues:



Are Apple and other tech companies somehow against America’s national security if they create uncrackable encryption software that government investigators or even the company’s own engineers can’t break into?

That’s the question coming to a head in the controversy over whether or not Apple should be forced to engineer new software to allow the FBI to unlock the iPhone used by one of the terrorists from the San Bernardino attack that killed 14 people in my home state of California last year.

The attacks were unspeakable and more needs to be done to prevent attacks like these in the future. But the FBI cannot mandate that Apple create a backdoor to override the iPhone’s encryption features without creating a dangerous precedent that could cast a long shadow over the future of how we use our phones, laptops and the internet for years to come. We must understand the gravity of what is at stake if we give government this unprecedented review of our private communications.

At first glance, the issue seems simple: Why shouldn’t law enforcement have access to information that could help us hunt down other terrorists or even to help prevent other terrorist attacks in the future?

But this simplification overlooks the reason why companies have built their systems so securely to begin with: namely, to prevent criminals, terrorists and hackers from gaining access to our private and sensitive information. It’s a huge technological breakthrough that engineers are able to build systems so secure that even their own architects cannot break into them. And it’s why major players in the tech industry—from Facebook and Twitter to Microsoft and Google—are lining up to support Apple’s stance.

Article continues:

Here’s Apple’s best argument against hacking the San Bernardino shooter’s iPhone – Updated by Timothy B. Lee on February 26, 2016, 9:40 a.m.


Apple has filed its official reply to the FBI’s demand that it write software to help the bureau access the iPhone of San Bernardino terrorism suspect Syed Farook. Consistent with its earlier public statements, Apple condemns the FBI’s request as an unprecedented expansion of government power that would endanger the privacy of Apple users. I expressed some skepticism of this argument last week, but I found Apple’s latest response pretty persuasive.

One danger is that an FBI win could set a legal precedent that puts us on a slippery slope to the routine use of smartphones for government surveillance. If Apple can be compelled to update the software on a dead suspect’s iPhone to help the FBI access encrypted data, it’s not obvious why the company couldn’t also be compelled to modify the software on a live suspect’s iPhone to listen in on his conversations or track his location.

But let’s say you’re confident that the courts can draw a reasonable distinction between the FBI’s current request to unlock an encrypted iPhone and more outlandish surveillance scenarios. There’s still a big practical problem that the FBI and its allies haven’t really grappled with.

iPhone hacking software will be a magnet for bad guys

Every new version of the iPhone operating system goes through an extensive testing process before it’s signed by Apple. That’s critical because an iPhone will refuse to install software updates that haven’t been mathematically blessed by Apple. Given how dangerous it would be if someone tricked Apple into signing malware, we can assume that Apple takes extreme precautions to make sure that doesn’t happen.

But it will be hard for Apple to maintain high security standards if it is forced to create the hacking software the FBI has demanded. In its legal filing, Apple notes that “there are hundreds of demands to create and utilize the software waiting in the wings. If Apple creates new software to open a back door, other federal and state prosecutors — and other governments and agencies — will repeatedly seek orders compelling Apple to use the software to open the back door for tens of thousands of iPhones.”

Manhattan District Attorney Cyrus Vance alone has said there are at least 175 iPhones he’d like to have unlocked.

Article continues: