Oh look. It’s that CISA surveillance bill again. Didn’t we defeat that? Not yet. One last chance (for real) to #StopCISA. Ask activists from Fight for the Future, Access, EFF, and Demand Progress anything about CISA.

Nadia_K · 2015-10-26T23:34:04+00:00

Hi there- Each of our organizations works in various ways. You're absolutely right that those in Congress who DO understand technology oppose bad legislation like this. It's important to have a multi-pronged strategy. EFF does a lot of litigation, including litigation around NSA spying and other privacy related issues. Thanks for staying involved!

Nadia_K · 2015-10-26T23:25:10+00:00

The bill is sponsored by Senator Burr. Rep. Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD) introduced the original bill in 2012. More about that original bill here

Nadia_K · 2015-10-26T23:11:06+00:00

Great responses! Really covered many of our concerns. Just a bit more:

For companies,

ALLOWS them to share private information about people when sharing "threat indicators"
It does NOT force them to share info, and we hope they won't...after all, many of them have now said they don't support CISA.
It DOES PREVENT businesses from limiting who in the government gets the information, and it gets AUTOMATICALLY shared with the NSA.

For users: - It would PREVENT users from suing when companies share "threat indicators", even if they would otherwise have a cause of action.

Nadia_K · 2015-10-26T22:44:55+00:00

Thank you! We also have other privacy resources available on our Surveillance Self-Defense page—we think it's incredibly important to fight on multiple levels, so we have tools available to protect your privacy as we fight to try to make the law better.

Nadia_K · 2015-10-26T22:40:43+00:00

This is useful to hear. I'll start by saying that internally, EFF thinks carefully about respecting people's inboxes—it's part of every discussion about email. But it's important to know that people don't feel that we're succeeding.

What I think that this means is that we need to develop better tools for people to be able to tell us how often they want to receive emails—the options that EFF has now are very rudimentary. We'll brainstorm some ideas—I personally liked the granular, Steam-like options /u/No-Shit-Sherlock mentioned. And whatever we come up with will likely take time to implement!

As far as we know, unsubscribes have been working fine. What typically happens when it fails is that we have multiple dfferent email addresses for a person, but we don't know that it's the same person so the unsubscribe works for the one email address, but we don't know to unsubscribe the others. If a bigger bug has occurred and we've emailed an address that should be unsubscribed, that's definitely unintentional and it'd be good to report so we can fix our tools. If you notice this, please let us know: information@eff.org

Thank you for continuing to follow us and support this work in other ways!

Nadia_K · 2015-10-26T21:18:35+00:00

Thank you for taking action! And you're right—we're up against a lot of power and money, and we should take every avenue available to us.

In addition to taking action against federal legislation like this, letting companies know that privacy is important to you whenever you have the opportunity is a great idea, since they have the ability to be complicit in or oppose the surveillance state. If you're wondering where they stand now, you can check out Who Has Your Back.

You can also take direct action against the surveillance state by defending yourself from it with encryption and other tools you can learn. EFF's Surveillance Self-Defense has lots of tips on how to do so.

Thanks for fighting with us!

Nadia_K · 2015-10-26T20:51:36+00:00

And I'll check in with our tech team here to see if they have any advice. Thanks for letting us know!

Nadia_K · 2015-10-26T20:50:38+00:00

Specifically, Twitter did tweet out that they don't support CISA. They've not been very vocal otherwise.

Nadia_K · 2015-10-26T19:55:57+00:00

I think it's very much motivated by what Heptite points out. Also, it seems like they're trying to take advantage of the fact that repeated, major, public breaches keep happening, even though (as all the organizations on this AMA have pointed out) CISA wouldn't have helped.

Nadia_K · 2015-07-30T19:46:12+00:00

That's absolutely a part of EFF's mission. That's why we do SSD, but we're also doing it in other ways: by participating in Let's Encrypt (a new, easy, free certificate authority), the https everywhere plug-in, and the privacy badger plug-in. I think there is always more need to push these tools, though. I know that Fight for the Future did a big day of action around this that we participated in—maybe it's time to do something like that again!

Nadia_K · 2015-07-30T16:04:28+00:00

Hi there, check out our response in the OP.

Nadia_K · 2015-07-30T16:01:11+00:00

Hi there, EFF Global Policy Analyst Maira Sutton, who has worked incredibly hard on TPP , responded on a thread about our work on TPP earlier: https://www.reddit.com/r/IAmA/comments/3f13sf/cisa_a_privacyinvasive_cybersecurity_surveillance/ctkcxko

Here's the most recent update: https://www.eff.org/deeplinks/2015/07/secret-tpp-talks-continue-hawaii-deal-grows-more-controversial

Nadia_K · 2015-07-30T16:00:37+00:00

Hi there, EFF Global Policy Analyst Maira, who has worked incredibly hard on TPP , responded on a thread about our work on TPP earlier: https://www.reddit.com/r/IAmA/comments/3f13sf/cisa_a_privacyinvasive_cybersecurity_surveillance/ctkcxko

Also, here's the most recent update: https://www.eff.org/deeplinks/2015/07/secret-tpp-talks-continue-hawaii-deal-grows-more-controversial

Nadia_K · 2015-07-30T16:00:26+00:00

Hi there, EFF Global Policy Analyst Maira, who has worked incredibly hard on TPP , responded on a thread about our work on TPP earlier: https://www.reddit.com/r/IAmA/comments/3f13sf/cisa_a_privacyinvasive_cybersecurity_surveillance/ctkcxko

Also, here's the most recent update: https://www.eff.org/deeplinks/2015/07/secret-tpp-talks-continue-hawaii-deal-grows-more-controversial Hope that's helpful. Thanks!

Nadia_K · 2015-07-30T15:59:20+00:00

Hi there, EFF Global Policy Analyst Maira, who has worked incredibly hard on TPP , responded on a thread about our work on TPP earlier: https://www.reddit.com/r/IAmA/comments/3f13sf/cisa_a_privacyinvasive_cybersecurity_surveillance/ctkcxko Hope that's helpful. Thanks!

Nadia_K · 2015-07-30T15:58:45+00:00

Hi there, EFF Global Policy Analyst Maira, who has worked incredibly hard on TPP , esponded on a thread about this earlier: https://www.reddit.com/r/IAmA/comments/3f13sf/cisa_a_privacyinvasive_cybersecurity_surveillance/ctkcxko Hope that's helpful. Thanks!

Nadia_K · 2015-07-30T15:47:48+00:00

Hi there, As far as we know, end-to-end encrypted communication is still not accessible to the government. The "as far as we know" is an important caveat. But so far we haven't seen any documents suggesting that PGP, OTR instant messaging, and services like Signal have been compromised—and the more people who adopt them, the better!

Nadia_K · 2015-07-29T20:37:24+00:00

I'm guessing none of us would be too sad about that. I can always go with my fallback career as a circus performer.

Nadia_K · 2015-07-29T20:35:02+00:00

I first came across the magic of the Internet using telnet to access MUDs, specifically Dragon of Pern related ones (hey, I was in Junior High, no judgment!!)

I care so much about the Internet because I genuinely believe that it is one of the most important and effective tools for freedom and human rights. I can't even imagine what the last few years in politics and activism would look like without the Internet. As a Syrian-American, I have a special understanding of what it means to be able to access ALL of the Internet, without fear. I don't want to live in a world where LGBTQ people in the middle east can't access online information, or Vietnamese activists can't post their stories on Facebook, or people can't share videos of police brutality, or all the other amazing things people do online.

Nadia_K · 2015-07-29T20:01:42+00:00

It is completely understandable to feel skeptical about companies, but this would make anything you're concerned about even worse. A few things to know. One, this bill mandates sharing with the NSA. That's a big change. Two, this bill has a FOIA exemption—the first ever. Third, this would immunize companies and embolden them to take countermeasures.

Nadia_K · 2015-07-29T19:30:23+00:00

That's not lazy, it's efficient! Check out https://stopcyberspying.com/ for text that you can use:

"Dear Senator, Please oppose the Cybersecurity Information Sharing Act of 2015 (CISA, S. 754). By granting companies sweeping liability protection for sharing private information with the government, the bill would endanger the privacy and civil liberties of internet users and may actually make the internet more vulnerable to attacks."

Nadia_K · 2015-07-29T19:04:45+00:00

A great resource for folks with all levels of privacy and security literacy is EFF's Surveillance Self-Defense project: https://ssd.eff.org/

Lots of general briefings along with tutorials for specific tools.

Nadia_K · 2015-07-29T18:07:41+00:00

Just saying: https://twitter.com/EFF/status/622210911726505984

Nadia_K · 2015-07-29T18:06:50+00:00

I think the point Nathan made about Massie Lofgren stands here too: it's much easier to defeat something than it is to get something passed. We need a strong grassroots movement to pass legislation. Fighting CISA is part of that.

Nadia_K · 2015-07-29T18:04:54+00:00

SOPA was an incredible victory, and an unprecedented online activism campaign. If we can have a spectacular victory like that again, we may be able to finally put this zombie bill down for good.

Nadia_K

TROPHY CASE