Electronic Frontier Foundation @eff@mastodon.social

Be part of history – RSVP for our Last EFF30 Fireside Chat! https://www.eff.org/event/eff30-fireside-chat-founders-edition

Comprometerse con los derechos humanos en una democracia requiere higiene cívica, rechazando herramientas no democráticas. India debe retirar sus nuevas reglas sobre intermediarios de Internet al atentar contra el cifrado y permitir la censura. https://www.eff.org/es/deeplinks/2021/07/indias-draconian-rules-internet-platforms-threaten-user-privacy-and-undermine

RT @aclu_mo: “Throwing money at ineffective programs when we could be investing in community solutions that prevent crime is an irresponsib…

Help end warrantless FBI surveillance of communications. It’s time to close the backdoor in Section 702 of FISA by telling your representatives to support @RepZoeLofgren @RepJayapal @RepThomasMassie @Davidson @WarrenDavidson's amendment to H.R. 4505.

https://act.eff.org/action/tell-congress-close-the-warrantless-backdoor-to-spy-on-communications

That’s why the U.S. needs comprehensive data privacy regulation more than ever. This kind of abuse is not inevitable, and it must not become the norm. https://www.eff.org/deeplinks/2019/06/effs-recommendations-consumer-data-privacy-laws

All of this underlines just how harmful a collection of mundane-seeming data points can become in the wrong hands.

We’ve said it before and we’ll say it again: metadata matters. https://ssd.eff.org/en/module/why-metadata-matters

Another piece of the puzzle is the ad ID, another so-called “anonymous" label that identifies a device. Apps share ad IDs with third parties, and an entire industry of “identity resolution” companies can readily link ad IDs to real people at scale. https://www.vice.com/en/article/epnmvz/industry-unmasks-at-scale-maid-to-pii

In particular, there’s no such thing as “anonymous” location data. Datapoints like one’s home or workplace are identifiers themselves, and a malicious observer can connect movements to these and other destinations. In this case, that includes gay bars and private residences.

Apps and data brokers claim they are only sharing so-called “anonymized” data. But that’s simply not possible. Data brokers sell rich profiles with more than enough information to link sensitive data to real people, even if the brokers don’t include a legal name.

But Grindr is just one of countless apps engaging in this exact kind of data sharing. The real problem is the many data brokers and ad tech companies that amass and sell this sensitive data without anything resembling real users’ consent. https://www.eff.org/deeplinks/2020/01/grindr-and-okcupid-sell-your-data-twitters-mopub-real-problem

...before the Norwegian Data Protection Authority fined Grindr earlier this year, specifically warning that the app’s data-mining practices could put users at serious risk in places where homosexuality is illegal. https://www.nytimes.com/2021/01/25/business/grindr-gdpr-privacy-fine.html

This is not the first time Grindr has been in the spotlight for sharing user information with third-party data brokers. The Norwegian Consumer Council singled it out in a 2020 report… https://www.forbrukerradet.no/undersokelse/no-undersokelsekategori/report-out-of-control/

Why should you care about data brokers?

This story—about a Substack publication outing a priest with location data from Grindr—shows how easy it is for anyone to take advantage of data brokers’ stores to cause real harm. https://www.washingtonpost.com/religion/2021/07/20/bishop-misconduct-resign-burrill/

Photos you provide for identification are often shared, without your consent, with law enforcement, the FBI, ICE, and others.

Who Has Your Face?

https://www.whohasyourface.org

RT @textfiles: https://twitter.com/ByronTau/status/1417640670039248897 https://t.co/4BCaayFxq3

Thank you for your support, Gail! https://twitter.com/dust__bath/status/1417584477946138627

Venmo still has time to make transactions and friends lists private by default, and we hope it makes the right choice. https://www.eff.org/deeplinks/2021/07/venmo-takes-another-step-toward-privacy

EFF and Internet Archive amicus brief: Scraping is not hacking and doesn't violate the CFAA https://www.eff.org/deeplinks/2021/07/eff-ninth-circuit-recent-supreme-court-decision-van-buren-does-not-criminalize-web

It's the last day to join EFF for just 20 bucks, and stand with members around the world for online privacy & free speech.

Your rights to explore ideas and hold a private conversation are more crucial than ever, and we can use your help. http://eff.org/greetings https://t.co/VGcy6EYBvA

Scraping is not a crime.
Along with the @internetarchive, we're telling the Ninth Circuit that hiQ Labs did not violate federal law by collecting publicly available information from LinkedIn. https://www.eff.org/deeplinks/2021/07/eff-ninth-circuit-recent-supreme-court-decision-van-buren-does-not-criminalize-web