The State of the Union: What Wasn’t Said (Electronic Frontier Foundation)

President Donald Trump’s first State of the Union address last night was remarkable for two reasons: for what he said, and for what he didn’t say.

The president took enormous pride last night in claiming to have helped “extinguish ISIS from the face of the Earth.”

But he failed to mention that Congress passed a law at the start of this year to extend unconstitutional, invasive NSA surveillance powers. Before it passed the House, the Senate, and received the president’s signature, the law was misrepresented by several members of Congress and by the president himself.

On the morning the House of Representatives voted to move the law to the Senate, the president weighed in on Twitter, saying that “today’s vote is about foreign surveillance of foreign bad guys on foreign land.”

Make no mistake: the bill he eventually signed—S. 139—very much affects American citizens. That bill reauthorized Section 702 original enacted as part of the FISA Amendments Act—a legal authority the NSA uses to justify its collection of countless Americans’ emails, chat logs, and browsing history without first obtaining a warrant. The surveillance allowed under this law operates largely in the dark and violates Americans’ Fourth Amendment right to privacy.

Elsewhere in his speech, the president trumpeted a future America with rebuilt public infrastructure. He foretold of “gleaming new roads, bridges, highways, railways, and waterways across our land.”

What the president didn’t say, again, is worrying. The president failed to mention that the Federal Communications Commission, now led by his personal choice in chairman, made significant steps in dismantling another public good: the Internet.

Last year, the FCC voted to repeal net neutrality rules, subjecting Americans to an Internet that chooses winners and losers, fast lanes and slow ones. The FCC’s order leaves Americans open to abuse by well-funded corporations that can simply pay to have their services delivered more reliably—and quickly—on the Internet, and it creates a system where independent business owners and artists are at a disadvantage to have their online content viewed by others.

And the president last night mentioned fair trade deals and intellectual property. He complimented his administration’s efforts in rebalancing “unfair trade deals that sacrificed our prosperity and shipped away our companies, our jobs, and our Nation’s wealth.” He promised to “protect American workers and American intellectual property through strong enforcement of our trade rules.”

Trump didn’t mention that the United States' demands for the copyright and patent sections of a renegotiated NAFTA closely mirror those of the TPP, with its unfair expansion of copyright law. It’s ironic that one of the TPP’s most vocal critics would seemingly champion one of its most dangerous components.

The president gave Americans a highlight reel last night about his perceived accomplishments. But he neglected to tell the full story about his first year in the White House.

As civil liberties are threatened and constitutional rights are violated, EFF is continuing to fight. We are still supporting net neutrality. We are still taking the NSA to court over unconstitutional surveillance. And we are still working to protect and expand your rights in the digital world, wherever the fight may take us.

Posted in Uncategorized Tagged

EFF Asks California Court to Reverse Ruling That Could Weaken Open Records Rules, Impede Public Access to Government Records (Electronic Frontier Foundation)

State agencies in California are collecting and using more data now than they ever, and much of this data includes very personal information about California residents. This presents a challenge for agencies and the courts—how to make government-held data that’s indisputably of interest available to the public under the state’s public records laws while still protecting the privacy of Californians.

EFF filed an amicus brief today urging a state appeals court to reverse a San Francisco trial judge’s ruling that would impede and possibly preclude the public’s ability to access state-held data that includes private information on individuals—even if that data is anonymized or redacted to protect privacy.

The California Public Records Act (CPRA) has a strong presumption in favor of disclosure of state records. And the California state constitution recognizes that public access to government information is paramount in enabling people to oversee the government and ensure it’s acting in their best interest. But the state constitution also recognizes a strong privacy right, so public access to information must be carefully balanced with personal privacy.

To keep records secret, agencies must show that concealment, not transparency, best serves the public interest. This balancing test was at issue in a lawsuit brought by UCLA law professor Richard Sanders and the First Amendment Coalition (FAC), who are seeking access to information from the California Bar Association about the race, ethnicity, test scores, and other information of tens of thousands of people who took the state bar exam to become lawyers. The state bar refused to release the data to protect the confidentiality of test-takers, even though no names or personal identifying information would be disclosed. The case is Sander v. State Bar of California.

A trial court sided with the bar. The case eventually went all the way to the California Supreme Court, which correctly recognized the strong public interest in disclosing the data so the effect of law school admissions policies on exam performance could be studied. It’s “beyond dispute” that the public has the right to access the information, the court said in a unanimous decision, as long as the identity of individual test takers remained confidential. It sent the case back to the trial court to decide if and how much material could be released.

This is where things took a wrong turn. Sanders and FAC presented several possible protocols to protect bar exam takers’ privacy, including three complicated anonymization techniques, but the trial court ruled that, even under these protocols, the data couldn’t be released. The court improperly placed the burden on Sanders and FAC to show that there was absolutely no way anyone’s identity could be revealed—including if the anonymized data were combined with other obscure but publicly-available personal information. In doing so, the court failed to adhere to the CPRA’s balancing tests, which require the state bar to show that the public interest in protecting the privacy of bar takers—even after their data is stripped of identifying information—clearly outweighs the public interest in the data.

In a particularly dangerous finding, the court held the CPRA couldn’t require the state bar to apply anonymization protocols because that would constitute creating a “new record” from the existing data. However, the CPRA clearly requires agencies to produce as much public information as possible, even if that means using a “surgical scalpel” to separate information that’s exempt from disclosure under the CPRA from non-exempt information. Techniques for protecting exempt information while still releasing otherwise non-exempt government records that are of great interest to the public must evolve as the government’s means of collecting, compiling, and maintaining such records has evolved. Protocols that propose to anonymize data, such as those presented by Sander and FAC, represent one such technique. California courts should not avoid grappling with whether anonymization can protect privacy by dismissing it out of hand as the creation of a “new record.” 

The California’s Public Records Act is a vital check on government secrecy. With the explosive growth of government data, particularly law enforcement surveillance data, we can’t stand by while courts sidestep the task of evaluating anonymization protocols that will increasingly play a role in balancing public access rights under the CPRA and laws like it in other states. If upheld, the Sanders ruling could weaken the public’s ability to access other electronic records and government data that contains private identifying information. EFF has fought in court to gain access to license plate records indiscriminately collected on millions of drivers by Los Angeles law enforcement agencies. The California Supreme Court ruled that police can’t keep those records secret, paving the way for EFF to analyze how this huge surveillance program works. But the records could identify drivers, so the next step is to figure out how the data can be made public in a redacted or anonymized form to protect drivers’ privacy. We are watching the Sanders case closely, and hope the appeals court does the right thing: reverse the trial court’s findings, require it to fully address the proposed anonymization protocols, and properly apply the balancing tests under the CPRA.

Posted in Uncategorized Tagged

California’s Senate Misfires on Network Neutrality, Ignores Viable Options (Electronic Frontier Foundation)

Yesterday, the California Senate approved legislation that would require Internet service providers (ISPs) in California to follow the now-repealed 2015 Open Internet Order. While well-intentioned, the legislators sadly chose an approach that is vulnerable to legal attack.

The 2015 Open Internet Order from the Federal Communications Commission provided important privacy and net neutrality protections, such as banning blocking, throttling, and paid prioritization. It is important for states to fill the void left behind by the FCC’s abandonment of those protections.

States are constrained, however, because federal policy can override, or “pre-empt,” state regulation in many circumstances. State law that doesn’t take this into account can be invalidated by the federal law. It’s a waste to pass a bill that is vulnerable to legal challenge by ISPs when strong alternatives are available.

In a letter to the California Senate, EFF provided legal analysis explaining how the state can promote network neutrality in a legally sustainable way. Unfortunately, SB 460, the legislation approved by the California Senate, is lacking many of the things EFF’s letter addressed.

Better Approaches Left Behind by SB 460

Today, California spends $100s of millions on ISPs, including AT&T, as part of its California broadband subsidy program. The state could require that recipients of that funding provide a free and open Internet, to ensure that taxpayer funds are used to benefit California residents rather than subsidizing a discriminatory network. This is one of the strongest means the state has to promote network neutrality, and it is missing from SB 460.

California also has oversight and power over more than 4 million utility poles that ISPs benefit from accessing to deploy their networks. In fact, California is expressly empowered by federal law to regulate access to the poles and the state legislature can establish network neutrality conditions in exchange for access to the poles. Again, that is not in the current bill passed by the Senate.

Lastly, each city negotiates a franchise with the local cable company and often the company agrees to a set of conditions in exchange for access to valuable, taxpayer-funded rights of way. California’s legislature can directly empower local communities to negotiate with ISPs to require network neutrality in exchange for the benefit of accessing tax-payer funded infrastructure. This is also not included in the current bill.

States Should Put Their Full Weight in Support of Network Neutrality

Any state moving legislation to promote network neutrality should invoke all valid authority to do so. At the very least, California should view the additional legal approaches we have recommended as backups, to be relied upon if the current proposal is held invalid by a court.

If SB 460’s approach to directly regulating ISPs is found to be invalid, ultimately all the legislation does is require state agencies to contract with ISPs that follow the 2015 Open Internet Order. While an important provision, it can already be required with a stroke of the pen tomorrow under a Governor’s Executive Order much in the same way as Montana and New York. And while the 2015 Open Internet Order was a good start, why not bring to bear all the resources a state has to secure such an important principle for Californians?

EFF hopes that subsequent network neutrality legislation such as Senator Wiener’s SB 822 can cover what is missing in SB 460 or that future amendments in the legislative process can bring the full weight of the state of California to bear in favor of network neutrality. Both options remain available and it is our hope that California’s legislators understand that the millions of Americans who are fighting hard to keep the Internet free and open expect elected officials that side with us to deploy their power wisely and effectively.

The importance of keeping the Internet free and open necessitates nothing less.

Posted in Uncategorized Tagged