Drew Mitnick

Today, President Barack Obama issued a presidential memorandum addressing the increased development and use of drones within the United States. Among other things, the memorandum, which has the force of law, requires the National Telecommunications and Information Administration (NTIA) to develop a multistakeholder process for the creation of non-binding rules governing commercial drone use. The NTIA will collaborate with businesses and civil society organizations to develop the guidelines, which must be drafted to adequately address threats to privacy and free expression posed by the public use of the technology, particularly the unique challenges of drones as mobile internet service platforms.

Today, U.S. Senator Tom Carper introduced the Cyber Threat Sharing Act of 2015, a new bill to authorize the public/private dissemination of cybersecurity-related information. The legislation’s limitations on the type of information that can be shared are not enough to protect user privacy. Access is calling on the U.S. Congress not to consider information-sharing legislation–which could ostensibly create new surveillance authorities under the guise of cybersecurity–until existing surveillance authorities are adequately reformed.

Senators show support for information sharing proposals that risk user privacy

This week the White House announced plans to release a new legislative proposal aimed at providing notice to victims of corporate data breaches. While these proposals show the White House’s prioritizing data security, it is not yet clear that Personal Data Notification and Protection Act will actually lead to improved security or provide adequate protection for users’ privacy.

Sony Pictures Entertainment was recently pwned by a group calling themselves the Guardians of Peace, ostensibly acting under the guidance of the North Korean government (though this is subject to debate). It was bad that the hackers took advantage of a culture of bad cybersecurity practice at Sony. Thanks to a bevy of embarrassing cybersecurity practices, worse cybersecurity discourse, and a growing culture of fear in Washington (and around the world), there is little doubt that this incident will be spun to support poorly-drafted laws that infringe upon user rights and do nothing to increase security. We shouldn’t, and we don’t, have to sacrifice privacy to achieve better network security. The U.S. Congress needs to reject any legislation that would attack our privacy, such as an invasive information sharing regime.

In spite of a feeble legislative term, including the particularly devastating failure of surveillance reform, the 113th U.S. Congress pushed through four positive last-minute cybersecurity bills over the past two days. President Obama is soon expected to sign these bills into law. The new cyber measures increase government transparency and Congressional oversight of federal cybersecurity efforts, while expanding coordination between civilian agencies. Access supports the efforts of Congress to pass cybersecurity legislation and hopes the momentum will lead to more significant legislation for the 114th Congress.

Today, U.S. Senator Ron Wyden introduced a bill to prohibit the government from mandating backdoors in hardware and software technologies. The legislation prohibits any federal agency from intentionally weakening consumer encryption standards. As we’ve previously said, strong encryption standards and device security are critical to the privacy of individual users. Access commends Senator Wyden and urges the Senate to quickly pass the Secure Data Act.

The U.S. government believes that those who are not in the U.S. or who are not U.S. citizens or permanent residents — “non-U.S. persons” in official parlance — have few to no privacy rights to protect them from U.S. surveillance. Access provides four policy recommendations that would start the U.S. on a course towards respecting the human rights of all people.

With limited time left in the legislative calendar for this Congress, it is time for an assessment of priorities. To start, we need to reign in the NSA’s privacy-violating surveillance programs. The USA FREEDOM Act would limit, instead of expand, the government’s intake of user information. It should be a priority for the outgoing Congress. And yet, priorities seems to be elsewhere.

The sweeping new powers contained in Australia’s terror laws have the potential to violate privacy and expression rights of Australians and non-Australians and to “strike at the heart of press freedom.” The terror laws create a mutually reinforcing surveillance scheme, greatly restricting the spaces in which people are free to think and to act on and offline.