Tag Archives: Electronic Frontier Foundation

Congress has sent proposed legislation to President Trump that wipes away landmark online privacy protections. According to The Washington Post, that means removing limits from what companies like AT&T, Verizon and others can do with information like your Internet browsing habits, app usage history, location data and Social Security number. It will also reduce rules requiring providers to strengthen safeguards for your data against hackers and thieves.

Not only will Internet providers be able to monitor your behavior online: without your permission, they will be able to use your personal and financial information to sell highly targeted ads. The providers could also sell your information directly to marketers, financial firms and other companies that mine personal data — all of whom could use the data without your consent. In addition, the Federal Communications Commission, which initially drafted the protections, will be forbidden from issuing similar rules in the future.

If this alarms you as much as it does us, the Electronic Frontier Foundation has extensive resources available to help you reclaim your privacy. First and foremost is Surveillance Self-Defense: Tips, Tools and How-to’s for Safer Online Communications. Browse the section for authoritative information on securely removing deleted information from your computer, the most secure email systems, and the basics of encryption as well as an overview of encryption tools.

The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development.   You may not support their stance on all Internet-related issues, but they are an excellent resource if you are concerned with the security of your data. Their site merits revisiting whenever you want to assume more control over your online privacy and security…or just want more insight into what your options are.

 
 

In the dust-up regarding leaked Democratic National Committee emails, we are surprised DNC members were not using encrypted emails. Especially for their their personal accounts. Everyone in their position needs email privacy. They should consider apps like Wickr, which allows users to send messages to each other that are “secured with military-grade encryption” and that are destroyed after a user-set time period. Unlike some other secure messaging services, Wickr also ensures that your messages can’t even be read by Wickr itself.

The Electronic Frontier Foundation has given Wickr high marks for data protection. PC Mag calls it “best secure messenger on Android.” (Though it “has a little ways to go before it becomes the best messenger app overall.” PC Mag  gives that title to voice and messaging app Viber.)

Wickr’s co-founder and CEO Nico Sell runs a white-hat hacking camp at the Def Con conference in Las Vegas every year. The camp is designed for “children and teenagers,” but we hear that doesn’t stop a lot of adults from participating. It starts next week.

 
 

The Electronic Frontier Foundation (EFF) is the largest organization dedicated to Internet privacy and related issues. Its resources are considered the gold standard by many experts.

That’s why their Secure Messaging Scorecard caught our attention. It examines dozens of messaging technologies and rates each of them using a range of security metrics. If you already use messaging you think is secure, you may be in for a surprise. (Hint:  low ratings are given to Google Hangouts/Chat “Off the Record,” Hushmail, Skype and Yahoo Messenger, among others.)

The scorecard is part of a campaign the EFF has undertaken in collaboration with Julia Angwin at ProPublica and Joseph Bonneau at the Princeton Center for Information Technology Policy to help consumers access tools to encrypt their communications. They are championing technologies that are strongly secure and also simple to use.

If you are interested in using the safest encryption tools in your communications, their report is essential reading.

 
 

Mozilla’s CEO has stepped down after becoming a topic of hot debate – debate all companies can learn from. The facts:

  • Mozilla’s stated mission is “to promote openness, innovation and opportunity on the Web.” The company is the world’s leading provider of free and open-source software, including one of the top Internet browsers and a widely praised email client with an extensive array of privacy add-ons.
  • In 2014 Mozilla appointed a CEO who is the creator of the JavaScript scripting language and a cofounder of Mozilla. But they also knew that he is an opponent of gay marriage— a record of his 2008 contribution to an anti-gay marriage bill in California is publicly available.

What were Mozilla’s mistakes?

Mozilla failed to recognize that as a company that is considered a leading proponent of online freedom, appointing a leader with such a personal view could be widely viewed as an inappropriate representation of their culture.

They didn’t forsee how they could become a topic of discussion by a public that becomes vocal online when they believe an inequitable or inappropriate decision has been made by a company in a leadership position.  Mozilla also didn’t envision how the issue might be embraced by activists who could ignite or fuel the fire.

Mozilla Has Plenty of Company

Many companies have found themselves in similar positions when they don’t consider and prepare for reactions to their decisions. That includes recognizing the growing role online discussion has taken in influencing whether such decisions will succeed. Such examples include:

  • Advertising firms that produce multimillion-dollar campaigns without researching the social media platform of the celebrity that was hired as the spokesperson…realizing only after launch that content published in his or her tweets are incompatible with their client’s brand.
  • Major government organizations that appoint a business leader to a prominent role, and have to backtrack when the public finds the match inappropriate because of the executive’s views. (Or vice-versa.)
  • CEOs that are chastised by consumers and employees who find their public treatment of staff inappropriate (and launch a viral campaign to say so).
  • Celebrities who don’t understand how their behavior alienates their audiences.

In a Multi-Cultural World, Everyone Has a Point of View

There are companies that would find an anti-gay marriage viewpoint reflective of their culture and that of their customers.  Certainly many Mozilla contributors and users support that view: it has an enormous, international audience with differing cultural, gender and religious beliefs.

But Mozilla has received significant support from the progressive community. Such advocates can quickly turn into detractors when an organization makes a decision that appears to conflict with its principles.

Mozilla has responded quickly and transparently to this controversy. The Mozilla Blog published this FAQ which was preceded by this statement about their CEO’s departure.

Online Reputation Management Still an Area of Trial and Error

Online reputation management is still an area of trial and error for most everyone. When a mistake is made, the public generally remains open minded if a company addresses that mistake, allowing it the opportunity to move forward on an improved path of awareness.

Nonetheless, issues are better handled proactively than reactively. Organizations and their boards should consider the following when deliberating on high-level hires and major or potentially controversial decisions:

  • Conduct an online audit of the topic to weigh public and private views, strengths and weaknesses.

Such due diligence is not about ferreting out what is right or wrong, but whether the decision is appropriate for the culture of the organization in the Internet era.

 
 

More and more often, a fresh batch of compromising emails threatens to torpedo a reputation, whether it’s Chris Christie staffers coordinating political retaliation, the swirl of exchanges that sparked the Petraeus scandal, or the embarrassing and costly boasting of former Goldman Sachs trader Fabrice “Fabulous Fab” Tourre.

These are some of the most egregious examples of the havoc that can ensue, but the risks of errant mails aren’t limited to top government offices and Wall Street skyscrapers. Nor are the dangers they pose anything new. Half of computer users “have accidentally sent a sensitive email to the wrong person” and “70 percent of businesses are concerned about sensitive material falling into the wrong hands as a result of data leakage via email.” Before you click that send button again, let’s take a look at what we’re up against, as well as some ways we can protect ourselves.

Data Leaks

One of the first things to keep in mind is that email isn’t as private as you might think, especially at work. “Even if your employer doesn’t have an email policy, it still probably has the legal right to read employee email messages sent using its equipment and network,” says attorney and author Lisa Guerin. Emails are often exposed in the course of investigations and trials. They can also be stolen by hackers, such as the recently-jailed Guccifer, whose exploits included posting paintings by George W. Bush, or Christopher Chaney, who’s serving time for hacking the email accounts of stars like Scarlett Johansson and Christina Aguilera. Then there are the major email providers, which often reserve the right to snoop on you in their privacy policies, and the NSA, which can probably intercept your messages.

 Gone But Not Necessarily Completely

It’s also important to remember that, even though an email may be long gone from your inbox, that doesn’t mean it’s vanished completely. Those who’ve had their private messages go viral can attest to that. “E-mail, Twitter, texting and the rest all intuitively feel like short fuse ephemeral communications—a quick word in passing, if you will,” explains former British intelligence officer John Bassett in an article on India’s NDTV.com. “Yet as soon as we push the send button, these communications take on an enduring digital permanence that means that in effect they never quite go away.”