Who Has Your Back?
The fifth annual “Who Has Your Back?” report has been published by the Electronic Frontier Foundation, highlighting the companies that do the best and worst jobs of resisting government demands for users’ data and keeping users informed of such demands. Here's the scoop... |
The 2015 "Who Has Your Back?" Report
Yesterday I published an article exploring the question of whether the NSA has hacked into your antivirus software. It was also critical of antivirus vendors, for sloppy coding practices that actually make you MORE vulnerable to online attackers. Is anyone watching the watchers?
The EFF's report is important because the U.S. Congress does not have your back. Our dully (sic) elected representatives are firmly in bed with the NSA, FBI, and other law enforcement agencies that want to pry into every aspect of your digital life. Before you write off that statement as just one man's jaded opinion, consider these FACTS.
• Congress has failed to update the 1986 Electronics Communications Privacy Act to, among things, erase the arbitrary distinction between email stored on a server for more than 6 months and email stored for less than 6 months. The former is considered “abandoned” under the ECA, and like the trash you put out at the curb it can be searched without a warrant.
• Congress has “reformed” the NSA’s mammoth collection of Americans’ phone call metadata by making the NSA’s job EASIER. Cellular carriers are now required to archive all that data, sparing the NSA the trouble and expense. Carriers must produce data about specific users upon demand.
• Lawmakers have come right to the brink of passing legislation that would require software developers and online services to provide backdoors into their programs and services for law enforcement to snoop on users. It would also effectively ban companies’ efforts to “know nothing” about users’ data so that they can’t be compelled to reveal it to the government.
Who Can You Trust?
So if anyone’s going to protect your privacy, it will have to be the companies with which you do business. The EFF’s report puts pressure on companies to do so by making their policies and practices public and encouraging consumers to choose their suppliers accordingly.
The EFF’s efforts seem to have worked. Over the past four years, we have seen tech giants become more transparent in their reporting of government requests for user data (See Google’s report, for example.) Many began requiring a search warrant before handing over users’ data.
So far, no tech giant has fought a search warrant to the death to protect a user’s privacy, as the Tattered Cover bookstore did in 2000. In that case, local cops got a search warrant for the purchase records of a customer suspected of manufacturing illegal drugs. Store owner Joyce Meskis fought that warrant all the way to the Colorado Supreme Court, and won a landmark victory for customers’ privacy rights. (The book the suspect purchased turned out to be about Japanese calligraphy, not drugs.)
Most companies have already adopted policies that meet the criteria of the original EFF report. But the bar has been raised, according to the EFF’s notes in this year’s report:
Users should look to companies like Google, Apple, Facebook, and Amazon to be transparent about the types of content that is blocked or censored in response to government requests, as well as what deleted data is kept around in case government agents seek it in the future. We also look to these companies to take a principled stance against government-mandated backdoors.
Winners and Losers
Detailed explanations of the criteria the EFF used this year to rate companies is on the EFF Web site. The ratings of all the companies reviewed by the EFF are here. For the goriest details, download this PDF of the entire report.
Nine companies earned perfect scores on the EFF’s rating system: Adobe, Apple, CREDO Wireless, Dropbox, Sonic.com, the Wickr self-destructing message service, Wikimedia, Wordpress and Yahoo.
WhatsApp earned just one star out of a possible five, for opposing backdoors. AT&T earned just one star for following long-established best practices. Verizon earned just two stars. Neither of these major telecom companies has publicly opposed efforts to require backdoors into their networks for law enforcement purposes.
The EFF report sheds light on the privacy protection policies of companies you may do business with. It’s up to you and other users to keep pressure on the slackers to beef up their defenses of your privacy. Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 26 Jun 2015
For Fun: Buy Bob a Snickers. |
Prev Article: Has The NSA Hacked Your Security Software? |
The Top Twenty |
Next Article: Who Got Caught Disabling Windows Update? |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- Who Has Your Back? (Posted: 26 Jun 2015)
Source: https://askbobrankin.com/who_has_your_back.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Who Has Your Back?"
Posted by:
RandiO
26 Jun 2015
Thank you , once again, Mr. Rankin,
You should also be in that list because of your hard work. Cheers!
Posted by:
Wayne
26 Jun 2015
If one has nothing to hide from the government, what's the big deal? Now if the government is going into our financial records, banks and investments and possibly steal funds - that is a different issue.
Posted by:
Guy
26 Jun 2015
Bob, Thanks for the informative newsletter. I happen to have one of the worst carriers for cell phone and made them a promise that if they didn't change I would and go with a carrier that thought more about my data then they do. Really enjoy your newsletters and have been reading since the Internet TourBus days. Thanks so much for your input. As always it's very good.
Guy
Posted by:
Dave
27 Jun 2015
When I was in the USAF Electronic Security Command a popular sign over the R&D operator's positions was
"In God We Trust, ALL Others We Monitor (and yes, we're still searching for HIS frequencies).
Posted by:
bb
27 Jun 2015
Mr. "If you have nothing to hide what's the problem?" *is* the problem. You don't get to decide what I want to keep secret and what I don't. Otherwise, maybe someone thinks it's important to put an active webcam in your bathroom. You ok with that?
The gubbermint should not make the decision what is private and what isn't - I want to make that decision. And yes that means everyone may make different decisions about that ... and that's ok too. Opt out is a powerful tool, and some people want to take that choice away.
Often the position of those in charge is, "Trust us, we know what we are doing." Do you? The default position of the US Constitution is exactly the opposite, with limited powers explicitly defined. We are losing our liberties here and the quote from Ben Franklin applies, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
One thing I love about technical blogs is politics seldom is involved; whether racetrack memory will be the next big thing has nothing to do with the current ruling party. But privacy is such an intersecting topic and we need to educate our elected officials that this is something that matters.
Posted by:
Ron
27 Jun 2015
If you have nothing to hide then leave your home unlocked. Then everyone can walk in when they want to rummage through whatever they want at any time that they want.
It is called privacy. I want to decide who enters my "home" and what they see!
Posted by:
InLionSk8r
27 Jun 2015
Many are too young to have used a "party line" like our family had in my early years. We knew that anything said on the phone, was ASSUMED to be shared with the neighborhood. We also knew that the phone and phone-wires in our home were the property of AT&T. Ma Bell owned us. Even though the mail rules back then, SEEMED to be written to protect our privacy, it's never been unusual to find opened letters and miss-directed items. Cameras in stores peered over our shoulders early-on... 'way before the internet. So over time, many of us figured nothing was truly private. Not much has changed, other than the means and speed of getting our dirty laundry held out for others to see.
Posted by:
Chuck
27 Jun 2015
If one has nothing to hide from the government, what's the big deal??????????????? I'm not going to hide anymore from them than they hide from me. I'm going to be as transparent as they are. The government officials can tell me all their intimate details, or I can just wait until the Chinese publish it. How many times has the governmen shown they can't be trusted? Daily? Never trust anyone who says "trust me".
Thanks Bob for the good work.
Posted by:
Doc
27 Jun 2015
Having read this a day late I find it terrifying that there are only THREE (so far) comments on this issue. Wayne says, in essence, "If you haven't done anything wrong what's the big deal?"
1) Doesn't anyone remember the McCarthy Hearings? Or is that no longer a part of American History? Things you MAY have done 20 years before, which were legal then, and were still legal, were used to destroy the lives of THOUSANDS of Americans. Now they have the ability to store the evidence and recall it at will for the rest of your life.
2) Back when Ginsburg was being 'vetted' by the congress she was asked two telling questions: Do people have a right to privacy, and, most important "Is ignorance of the law a valid argument?" She affirmed, in a round about way, that people DO have the 'expectation' of privacy in "most" of their daily activities unless there is EVIDENCE [meeting legal, constitutional,definitions, including the presumption of innocence] to the contrary.
To the Second question, "Is ignorance of the law a valid excuse?" She pointed out that each year the congress passes so many laws that if you took 100 people reading at 300 WPM working 24 hour days with no breaks, they would complete reading a years worth of laws at the 80% mark. That means that we pass so many laws each year that 100 fast readers would only be able to read 80% of them. And each 'law' then branches into regulations increasing the laws exponentially.
So who knows if they 'have done nothing' to break the law? No one. And now the government has the ability to hold ALL your data for your entire life, and perhaps someday use it to build a case - even if circumstantial - against anyone. Now think about what a well trained lawyer could do to interpret and use against you things you said when you were 16, or what you said to your friends about the Bush family of presidents, or about Clinton-Obama - or JFK-LBJ or Regan-Nixon when you were 25. Ever find that as you grow your belief system changes? I have. Yet now they have very hard evidence that can be used in court against me from when I believed differently than today.
And, Bob, I had no idea that ANY e-mail was 'trash' after 6 months, I thought that dumping it turned in into 'trash'. I guess I have about a days worth of work dumping nearly 10 years or more of e-mails from the accounts that I can remember.
And, Bob, perhaps an article or two about e-mail laws might be worth thinking about.