May 17 - Geneva, Switzerland - Cynthia Wong is speaking about freedom of expression on a panel at the 2012 WSIS Forum in Geneva
Cybersecurity has been CDT's big focus over the past two weeks and will be a major priority in the next several months, as we seek common ground on a narrowly tailored bill to promote the sharing of cyberthreat information among the private sector and between the private sector and government. The CIPSA information sharing bill passed the House on April 26, improved but still fundamentally flawed. Attention has shifted to the Senate, where we are seeking improvements to the Lieberman-Collins bill. Meanwhile, we have also been working on the privacy issues associated with mobile payments and the free expression implications of proposed FCC rules on whether and when government agencies can shut down wireless services.
Recap of CDT Advocacy on CISPA
CDT has consistently said that the sharing of cyberthreat information could improve the security of government and private networks and that a narrowly tailored amendment to the privacy laws to permit information sharing would be appropriate. We were equally consistent in saying that the leading bill in the House of Representatives, known as CISPA, was flawed in key ways: The definition of what could be shared with the government was too broad in the bill as introduced; the flow of information directly to the National Security Agency could give that military agency too wide a window into private Internet traffic; and trust in the voluntary program could be undermined if the government was permitted to use the information for purposes unrelated to cybersecurity. CDT worked in the House to address these issues.
We made some progress, especially on clarifying the definition of the information that could be shared with the government and, to a lesser degree, on limiting the government's use of information for non-cybersecurity purposes, particularly with respect to law enforcement. We were disappointed when the House leadership blocked votes on amendments to address the role of the NSA and the non-cybersecurity uses of information shared with the government. For more about our participation in the process surrounding House consideration of CISPA and our views about the outcome, see our site and Leslie Harris' piece at the Daily Beast.
Mobile Payment Services Require "Privacy by Design"
After many years of talk, it seems as though mobile payments are soon going to change how consumers make in-store purchases. Major smartphone manufacturers, mobile network operators, and credit card issuers are gearing up to provide services that will let consumers buy items in brick-and-mortar stores just by swiping their phones at checkout.
While this will create interesting and convenient new apps, mobile payments could also result in more consumer data being exposed to more companies than in traditional credit card transactions. Without strong user privacy controls, mobile payments may turn your cell phone into a magnet for telemarketing, spam, and online behavioral advertising. CDT has repeatedly called on companies to integrate privacy protections into the fabric of their products and services, a process known as “privacy by design.” In particular, mobile payment services should give users both global and granular options to restrict the disclosure of any information that is not necessary to complete a transaction.
CDT to FCC: Wireless Shutdowns Are Never the Right Choice
Last year, officials of the San Francisco Bay Area Rapid Transit agency (BART) temporarily shut down cell phone service in BART stations, in an effort to prevent protesters from communicating with each other. While much more limited in scope than, say, the Internet shutdown ordered by former Egyptian President Mubarak, BART's ill-conceived action still had the potential to set troubling precedent for wireless interruption in the US.
In response, the Federal Communications Commission has released a Notice of Inquiry raising the legal and policy implications of wireless service interruption. On April 30, CDT joined a coalition of other civil liberties groups, including Public Knowledge and the Electronic Frontier Foundation, in filing comments responding to the Commission's inquiry.
Examining both First Amendment principles and the Communications Act, we conclude that interrupting wireless service is a "prior restraint" on speech, the most highly disfavored form of censorship. We note that even in emergencies, shutting down communications is wireless service is extremely hard to justify, especially since that is precisely when the public most needs to receive and transmit information. We urge the Commission to issue clear rules confirming that, as a matter of both law and policy, state and local governments, private parties, and wireless carriers themselves cannot, and the federal government will not, interrupt wireless services in an emergency.
Taking a small step on a large issue, President Obama on April 23 signed an Executive Order limiting export to the Iranian and Syrian governments of technologies that allow them to disrupt networks and monitor and track citizens. For more on international Internet policy developments, subscribe to CDT's Global Policy Weekly.
Interpreting the Computer Fraud and Abuse Act, the U.S. Ninth Circuit Court of Appeals ruled that it is not a federal crime to violate an employer's computer use policy or a website's terms of service.
Click to view this email in a browser
If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
Center for Democracy & Technology
1634 I St.
Washington, District of Columbia 20006
Read the VerticalResponse marketing policy.