How the EFF Works

and I love talking about technology. And if you listen to the previous episodes of tech Stuff, the two that came before this, you heard about the the evolution did the birth really of the Electronic Frontier Foundation as a result of a really bizarre and ultimately over zealous sting operation that the Secret Service did back in the early nineties.

So I want to talk more about the Electronic Frontier Foundation and exactly what they do since really I just talked about them kind of coming into being in the last episode, and you know all about how uh the Steve Jackson, who was the target of the Secret Service in part of their sting operation, felt that his and his employees civil liberties had been violated and was looking for someone to help him pursue a claim against the United States government, but found that none of the civil

liberties organizations that were in existence were really prepared to help him out because they just weren't savvy as far as the Internet goes, and so the Electronic Frontier Foundation was borne out necessity by a group of people who felt that they're definitely needed to be an organization dedicated to defending civil liberties in the Internet space space, especially since they foresaw the Internet becoming an increasingly important role in our lives. And that has absolutely been the case.

The Internet has become instrumental to the point where some people argue that it is a a fundamental necessity, the kind of like food and water. You pretty much need the Internet to make a go of it today, which is now for at least for on the national level, certainly you can make a case for that. Well, we're gonna talk more about what the Electronic Frontier Foundation is and what they do in this episode. The e f F focuses on several broad areas of civil liberties, and

here's how the organization itself defines that. They actually have a selection where they have a page where they talk about all of these different ones. And we'll start with free speech. So, freedom of speech typically means that the people of any given population have the right to express their opinions publicly without governmental interference, and a lot of countries around the world have this as a fundamental freedom

codified in some way. Here in the United States, we have the Constitution, and freedom of speech is in the first Amendment in the Bill of Right, those first ten Amendments to the Constitution. Is therefore a foundational right of a citizen in the United States. There are some considerations we have to make, however, freedom of speech does not give you absolute freedom to say anything without governmental interference. As it turns out, uh first, the right typically protects

against governmental abuse. Only that's something a lot of people don't seem to understand, is that this concept of censorship and denying someone their First Amendment rights. The Constitution protects citizens against the government doing this. It's not meant to be a an overall protection against any entity doing this under any circumstances. So in other words, I make a blog. Alright,

create a blog, and I include a comments section. But I decide that I'm going to monitor those comments, and anything I see that's left in those comments I don't like, I decide I'm just gonna go ahead and delete it. That's perfectly fine. It's not the government that's restricting anyone's free speech. But if the government was forcing me to erase comments for whatever reason. That would be a violation

of free speech from a legal standpoint. So I can I can create a space, whether it's online or maybe I'm hosting a party, and if someone says something I don't like, I can tell them that they can't say that in my space. Because I'm not the government, I'm not violating their First Amendment rights. This is more about them being in my space and not just a fundamental right as a citizen of the country. Also another thing

that considers that freedom of speech does have limitations. I cannot make false claims against others in an effort to harm them in some way. For example, that would be slander or libel. Both of those are referencing making these untrue claims in an effort to cause harm to another individual. That harm might be physical, it might be financial, it might be harm to their reputation. Uh, that is not

a protected form of speech. I also have no legal protection if I use my speech to incite others to violence. But this gets to be a tricky area. So you might find court cases where there's an argument about whether or not someone was calling people to violence, and sometimes there are specific criteria that must be met, such as was there a sense that the call to violence was

for an immediate response or for some predetermined time. Because if that's the case, absolutely not protected by freedom of speech. If it's more of a general let's resist, then you could argue that should be protected under freedom of speech. So it's it's not so cut and dry, it's not black and white. A lot of these subtle variations have to be hashed out in court cases which can go

either way. Accords not automatically going to decide in favor of one side versus the other, and sometimes they decisions can actually be surprising. But speech is protected within certain limits. Now, communication online gets to be pretty complicated because you've got Internet service providers, you've got financial services, you've got lots of different working parts to the Internet, and a government

can lean on any component within that infrastructure. Right, a government agent might come to an Internet service provider and say, hey, we're looking for any signs of of criticisms against this specific person. We want to suppress that, uh, and we're going to do it through your service. Well, that would be a form of censorship, and it would be a

violation of First Amendment rights. Um Even though the actual silencing would seem to come from the Internet service provider, which you might be able to argue has that capac city. It would be ultimately due to government interference or a financial company saying, hey, don't allow for any transactions to happen with this particular entity because some of the stuff

they do is illegal. Uh. Because unless everything is illegal in that, you know, and unless you can prove that all those transactions are illegal, that gets super tricky because if there are legal transactions happening, you're preventing those legal transactions from actually occurring. So it's a very complicated mess, and that's part of the reason why the Electronic Frontier Foundation is getting involved in these sort of discussions. It's to try and make sure that the rights of citizens

remain protected. The e f F is also dedicated to protecting creativity and innovation, and that's their words. That's a big playing field there. Some of the ideas that the FF have are pretty simple. So, for example, the e f F views copy right law as being somewhat problematic, particularly when the entities that own intellectual property overstepped their bounds.

Copyright definitely has a place. It exists to protect a creator or in some cases an owner of intellectual property who did not themselves create the content, but they own the content. But it protects them from those who would reproduce that intellectual property for their own profit. But it can also lead to draconian practices and even abuse. Another example of protecting creativity and innovation comes in the form

of fighting patent trolls. So, if you don't know what a patentrol is, um, a patentrol is an entity that purchases patents not for the purposes of creating or implementing a particular technology, but rather withholding that design from other

entities that could actually put it to use. So it's kind of like, let's say you've got an inventor and the inventor has come up with a brilliant way of create eating a very efficient solar panel, and you pay the inventor for the rights to the inventor's patent, and she hands the patent over to you, and you've got the patent in your hands, and you're like, ha ha,

it's mine now. And instead of going forward and then manufacturing these solar panels and trying to make a business that way, you just sit on the patent and you look around and you pay attention, and you try and see if anyone out there is making solar panels using the method that you talked about or that is talked about within the patent that you own. Now, patents are

public documents. Anyone can read them, but you have to get the permission of the patent holder in order to use the technology, and typically this is done through licensing. Some patentrols will license the the technology or processes that are in patents. They might charge quite a bit of money, but they'll license it. Others won't, and instead, what they do is they look for instances of someone using that technology or that process and then threaten them with lawsuits,

typically very hefty ones. And uh it usually is an attempt to get the other entity to settle out of court. And that's how the patentrol makes money. It's not making money by creating technology. It's not even making money by licensing technology. It's making money by waiting until someone else has tried to use that idea and then pouncing on them, which legally they are allowed to do because they own

the patent. But ethically you might argue, well, all they're really doing is withholding something that could be of value to people, and they're doing it just so that they can jump on any company that has the the desire to actually make that technology. So it's a sticky situation because on the one hand, you don't want to get a get away from the concept of protecting intellectual property.

You want people to have a reasonable expectation of protection so that they can profit from ideas and the work that they do. But on the other hand, you don't want entities hoarding knowledge and not letting it out unless companies are paying exorbitant fees, because that stifles innovation. So e f F is very much against the whole patentrol approach. One huge area of interest for the e f is privacy.

This is one of those topics that some people don't really consider until the worst has already happened to them. So we've been conditioned as citizens of the Internet to surrender more and more of our privacy in our online interactions, sometimes without knowingly doing so, and occasionally it's because we're sharing stuff about ourselves with our friends. So interactions on Facebook are a great example. We willingly share information about ourselves,

it's part of our socialization. But that information isn't just going to our ends, it's going to Facebook, which is making very good use of that information. They're profiting off of it. That is their business, it's how they make money. And if we didn't share all this information, then Facebook would not have a huge revenue source. Uh, it's certainly wouldn't be as successful as it is today. Other times

we're sharing information because it's a matter of convenience. So for example, Amazon has algorithms that will present you with suggested items that you might be interested in based upon your past browsing and shopping sessions. But again, that means that it's collecting information about you and about your habits in order to make these kind of suggestions in the first place. Now for some people that's not a big deal.

For other people, they think it's super creepy. And in many cases, there's another game going on that's going on behind the scenes. That's where the information about us gets collected into ever growing dos a's. It might be a dossier that doesn't have your name on it, but it has all the information that would anyone would need to be able to identify you anyway. There's also this other kind of slippery slope where companies will say, hey, we we use anonymous data. We don't. We don't connect an

identity to the information we get. We want the information so that we can run analyzes, but we don't want to say, oh, well, that's that's Bob Smith. That's clearly Bob Smith. The problem is the more points of data you have about any individual person, the easier it is to identify who that person is. And you could even argue that the person's name is the least important thing

about that person from a certain perspective. Knowing all about that person in their habits and what they want and what they don't want, what they like, what they hate, all that is valuable information. The name is superfluous at that point, and we should still be concerned about all that other information about us. That's the Electronic Frontier Foundation's point is that we need to be cognizant that all of this information about us is being shared and and

it's being h collected and stored and sold. There are entire companies that exist just to buy and sell user information, and that gets a little creepy. Beyond that, there are also organizations that are actively spying on people. They're not just passively collecting information or or building dossiers. There are some that are really performing surveillance upon folks. Take the n s A for example, and I don't mean the National Scrabble Association, but I do mean the National Security Agency.

Over the last few years, details about the n S AS various surveillance programs have raised lots of red flags among numerous civil liberties organizations, including the e f F. Now, another issue that the organization concerns itself with is online s purity, which often goes hand in hand with privacy, and this goes from supporting various encryption strategies to help protecting communication from prying eyes to launching the Coders Rights

Project to protect programmers rights as they work on the bleeding edge of technology. The FF advocates for a secure, supportive online environment, and they also argue for transparency from the various entities that either make up the infrastructure of the Internet or use the Internet in some fundamental way, which includes holding government agencies accountable and demanding that these agencies are forthright about their online activities, which isn't always easy.

It can sometimes require extraordinary efforts to get the real story out of various government agencies about what is actually going on, and sometimes it even requires legal action to force government offices to change their policies when those policies aren't aligned with constitutional protections. That's a fancy way of saying. The e f F is sort of a watch dot and just making sure that governments are doing the right thing for their citizens and they're not working against their citizens.

And transparency is absolutely important for that because if you if you have a policy that's not transparent, that does not tell the citizens, hey, this is what's really going on, then you've introduced a reason to distrust the government. And I would argue the e f F has got a very healthy distrust of government and in many ways it's justified.

In some ways, it may be over zealous, but in most ways, I think, uh, the government has given plenty of of reasons why the FFS position is not unreasonable. You may not agree with it, but you probably would at least come to the conclusion that they have reason

for their behaviors. The e f F also works to help free people who are held prisoner for speaking out online, particularly people who are journalists or activists, and they also try to raise awareness about potentially abusive policies, such as

electronic media searches conducted at border crossings. You may have heard of this in the last several years, where people who are crossing over the US border, whether on land or by air by sea, will be greeted by border officers or custom officials and they will say, hey, we want to get hold of your mobile device or your computer and make an electronic search of the materials to

make sure there's nothing questionable on there. And the FF steps in and says, hey, unless you've got a warrant, then you really can't do that would be unreasonable search and seizure to just search somebody randomly like that. Um so that that's another one of their big positions. Of course, when the e f F first got its start, its

mission wasn't quite so methodically organized. It all began with that court case with Steve Jackson Games bringing it against the Secret Service, and that case was instrumental because it established in a United States court of law that electronic mail should receive the same protections and considerations as telephone communication, which means that law enforcement does not have the authority to intercept or otherwise read electronic communication without first securing

a warrant from a judge, and that was just the beginning of the FF. The next big case that they became involved in was Bernstein versus U S Department of Justice. And you might have heard the phrase the pen is mightier than the sword. Well, Daniel J. Bernstein's pen must have been a real whopper. The US government identified Bernstein's work as so dangerous that he was told he need to secure an arms dealer license to talk about it or to publish his work outside the United States. What

you might be saying, I know I did. Well, let's backtrack a bit. In fact, we're gonna backtrack a lot, because that's what I do on this show. So we're gonna talk about cryptography. The cryptography branches off of an ancient strategy of hiding messages in some way so that the person or persons you are contacting are the only ones who get the information you're actually sending. And there

are lots of different ways to do this. There's steganography that involves hiding data within some other non secret formats, such as inside the code of an MP three file or inside of an image. Uh, you could hide it with tiny little micro dots on microfilm, which would be very difficult to detect unless you knew what you were

looking for. Or there's encryption in which you take a message in one format, you apply some sort of process to the message to transform it in some way, and then you send that transformed message to the recipient, who presumably has a method for reversing this process and gaining

access to the original message. So a simple version of this is just a cipher where you have a set of rules, and the simplest of all ciphers would be just shifting all the letters down by a slot, so A is B B, S C, C is D, that kind of thing, and then writing it all out, and because the person you're sending it to knows the rules, they can reverse that and they can then decipher the message. Obviously, cryptography tends to be a little more complicated than that,

because people are onto us. They figured out the whole A S, B, B is C thing, the clever clever people. According to the site tech Target, cryptography has four objectives. The first is secrecy, which means only the person with the proper key, as in the intended recipient, can read the original message. The second is integrity, which means the message cannot be changed in any way between the sender

and the recipient without being detected. Next is non repudiation, which means that there's no plausible deniability on the part of the sender. Uh This is to remove the possibility the sender could leave a recipient out to hang by denying they ever intended to create or send the message. And fourth is authentication, which means that both the sender and the recipient can be assured of each other's identities.

Now that does not mean that all cryptographic systems meet all four of those objectives, but a good cryptographic system should meet at least most of them, and an ideal system would meet all four criteria. So with such a system, you can be sure that any message you sent would be secure until it got to the right person, and that only that right person would be able to decrypt it. And further, both of you could be sure the message

came from and went to the right people. Cryptography is used for all sorts of communication, but it's clearly of critical importance if you want to send someone information that other people absolutely should not see. For this reason, it's

a big part of diplomacy. For espionage for financial operations and other supersensitive activities, and the United States, like many other countries, places a very high value on cryptographic strategies, which is why the US government decided to include cryptographic

systems in its documentation for International Traffic in Arms Regulations. Now, this is a document that effectively defined cryptography as a weapon itself under a category thirteen of Title twenty two, Chapter one, sub Chapter M of the Code of Federal Regulations. You'll see the title Auxiliary Military Equipment. And here's an

excerpt from that section. Information Security systems and Equipment, cryptographic devices, software and components specifically designed or modified therefore including cryptographic including key management systems, equipment assemblies, modules, integrated circuits, components, or software with the capability of maintaining secrecy or confidentiality

of information or information systems. Now, the reason why I just give the whole list is to show that the United States government to find cryptographic systems as a weapon under the official United States Munitions List, and as such, only a licensed authority would be allowed to export such a weapon. In the case of cryptographic systems, that meant you would need a license to either distribute the code or publish the information. Now, Daniel Bernstein wanted to do

both of those things. He actually wanted to talk about this cryptographic approach he had developed and to distribute electronic programs that could create these sort of cryptographic messages themselves, and he called it Snuffle. She's pretty harmless. And we'll learn more about Snuffle and his legal battles in just a second, but first let's take a quick break to thank our sponsor. So Bernstein developed a pretty straightforward system as a grad student at the University of California at

Berkeley in ninet for cryptographic systems. It used an encryption key to generate some seemingly random tech XT, which then could be run in an x or process against a message you intended to incipher. This inciphered text could then be sent to your recipient and they would use their copy of the encryption key to essentially reverse the process and read the original message. It gets a little more technical than that, but that's really the key of it.

Bernstein's method was called a zero delay private key encryption system, which I mean it could be used in real time communication between two individuals who are sharing a common private encryption key. Bernstein's approach relied on that cryptographic hash function, which in itself was a perfectly legal approach, should have been upheld as being not that's not a munition, it's

not a weapon. But Bernstein's implementation created a strong encryption system, and that was what the United States government had determined was illegal to distribute. So it wasn't so much the encryption approach, but rather the description of how to use it that was deemed to be illegal for export. Bernstein

sought out permission to publish his algorithm. He wanted to also publish a paper to describe the algorithm, and also a computer program that could run the algorithm, and he wanted to present all of them in an electronic conference. So he petitioned the State Department. Even though his own work had no connection to government funding, uh or anything any state funding. There's nothing that was coming through too to connect his work with any sort of official government process.

So what would happen if he had skipped this permission step and if he had just gone ahead and done it well? According to US law, exporting a weapon to a foreign agent could result in a ten year jail sentence and a million dollar criminal fine, and that's just for start. So that would mean because the government classified cryptographic systems as a type of weapon. In his petition, Bernstein wrote, quote and effect, what I want to export is a description of a way to use existing technology

in a more effective manner. I do not foresee military or commercial use of Snuffle by anyone who does not already have access to the cryptographic technology contained in I do foresee practical use of Snuffle by those who do have such access, in particular for the purpose of interactively exchanging encrypted text end quote. The State Department rejected his request and said that he would have to obtain a license.

The response said, this commodity is a standalone cryptographic algorithm which is not incorporated into a finished software product, which meant that unlike various copyright protection schemes and other implementations that included encryption, Bernstein's approach was just the method of encrypting data, and therefore that's what made it subject to these rules, which is kind of crazy when you think

about it. It's essentially saying, hey, if if your approach was actually part of a piece of software, you might not even be running into these issues. But you're just specifically talking about how to encrypt data. So Bernstein submitted five separate requests to publish the source code for encryption, the source code for decryption and English explanation of how to encrypt data and English description of how to decrypt data,

and the original paper. The State Department would lump all of those requests together in a single one and denied them unilaterally. Bernstein then contacted the Electronic Frontier Foundation as

he felt his First Amendment rights were being violated. Now this was in This was years after his initial attempts, as the wheels of government do not turn quickly, and the e f F agreed to support his case and they brought a lawsuit against the government, stating that the law was unconstitutional and that the State Department had overstepped its authority. Now, the legal proceedings lasted four more years, so this is a decade out of Bernstein's life that's

just dedicated just getting this cryptographic software published. The court ultimately decided that software code is a type of speech and therefore is covered by the protections of the First Amendment, which meant the court agreed with the e f F that the State Department's actions were unconstitutional. As such, the United States coders can now create encryption software and publish it or export it without first securing permission from the

US government, which is a pretty huge deal. Several of the cases that the e f has participated in have set important precedents in law. It's not just that the e f F has helped the tech sector, but that is played an instrumental role in extending the protections that exist for one type of expression to the technological realm.

So one of the big arguments the e f makes over and over again is that if this were any other form of communication, there would be no question that the First Amendment protection extends to it, because, as there's plenty of precedent to show, so what makes technology technological expression so much different than these other formats? And the response over and over again has been, well, there really is no important distinction between them, and therefore those First

Amendment rights should absolutely extend to electronic communication. So the e f F has played a big role in just making sure that this kind of of technology and this kind of expression receives that same protection one of those cases, uh or really to go through all of the cases the ff has been part of, would be ridiculous. It would require many many many more episodes, and I'm not going to do that, will do an overview of a few cases and kind of explain how the outcomes were important.

So one of those cases helped differentiate protection against piracy versus establishing an anti competitive practice. And this is kind of interesting because it doesn't involve communication over the Internet, but it does involve technology. The case was called lex Mark versus Static Control, and it all had to do with toner cartridges, like printer cartridges. Lex Mark makes laser

printers and Static Control would sell remanufactured, refilled toner cartridges. Now, in case you're not aware, toner cartridges are where the real money is at. With printers. There are a lot of companies that will sell their printers at a loss and make up for it in toner sales. After all, if you don't have toner printers, not very much good to you. So Static Control would compete with lex Mark

by offering compatible toner cartridges at a lower cost. Lex Mark in turn sued Seatic Control, claiming that this amounted to piracy, but the e f F and Static Control were able to argue that this was not a valid claim and that what lex Mark was really trying to do was force customers into lex Marks ecosystem and only purchase lex Marks products, So their actions were meant to suppress legitimate competition. Now, not all victories are so straightforward.

In the mid two thousand's, the Supreme Court heard a case in which twenty eight companies that were led by MGM Studios sued Groster as well as Streamcast for copyright infringement. Roxter was built on top of the Morpheus peer to peer file sharing software. File sharing software allows users to connect in sort of an ad hoc network and share

files with one another. So think of it as you download some software that allows you to log into a service that connects you with other users that are using that same software, and you can share files that you've stored in a specific folder with anyone else that's on

that network. They can share files that they've stored in folders on their machine that have been designated as valid folders with you, and you can download these files, and if there are multiple people who have that file on their machines, your downloads go much more quickly because it can pull information from any or all of those machines simultaneously. So even if a connection between you and computer A

is bad. It can still pull data from computers B through Z as long as they all have instances of a file of that specific file, so there's nothing illegal about that. Peer to peer sharing is perfectly legitimate as a means of distributing data. However, the Supreme Court found that roxter had effectively promoted the use of its service to engage in copyright infringement, and as such was responsible

for the acts that happened on its service. However, there's a previous decision that was made by the Supreme Court involving Sony Corporation versus the Universal City Studios are University Cities do. Is also known as the Beta Max case. Beta max being a a magnetic tape format kind of like VCRs the old VHS versus Beta Max wars. But that particular case established the technologies manufacturer is not responsible for the way it's customers use that technology if it's

outside the stated purpose of said technology. So if I make a type of tech that allows you to record stuff on it, and I say the reason for this is so that you can make a backup recording of media that you already own, backup recordings are perfectly legal. It's a type of fair use in the United States. So assuming that's what you're using the thing I made, that's why you're using it, and how you're using it,

everything's fine. You're using it legally. But then let's say that you use that same technology to record something that you do not own, and then maybe even record copies of that and distribute it. That would be outside of what I stated the technology was for. And by this argument of safe harbor, I could perhaps get out of any liability for the way that you are using my technology because you're using it in a way that I did not intend, and it's not my fault if you

use the technology poorly. Just like if I am selling pies and you buy a pie, I'm not responsible if you throw that pie in someone's face instead of just sitting down to have a delicious slice of pie. It's not my fault. I just made the pie. I still want pie right now. You guys who are long time listeners of tech stuff, you know that's my secret. I

always want pie, like the Incredible Hulk. Anyway, in Groxter's case, the court decided that the service had encouraged users to engage in unlawful activity, but Court was also very careful not to tread too far and negate those safe harbor aspects that were established during Sony and University University City studios. Those safe harbor protections now extend to software, though again with the caveat that there must be legitimate use for

the technology that does not require unlawful behavior. So again, peer to peer networking is by itself a perfectly reasonable means to distribute information across the network of computers. There's nothing illegal inherently about it. That people use that technology for piracy is not necessarily surprising, but at the same time, it's not the only or even intended purpose of that tech. Another case I have referenced on this show involved Sony's use of DRM measures on their music CDs. It used

to be a thing music CDs. I don't know how many of you out there still listened to CDs, But Sony had this bright idea, why not include some software on music CDs that could prevent people from ripping those tracks on to a computer and then distributing them willy nilly, hither thither and yawn across the Internet. And boy did things go wrong from there because Sony's approach introduced an

incredible vulnerability onto customer computers. Back in two thousand five, Sony Music Entertainment, which in those days was actually known as Sony b MG, included what they called an extended copy protection feature on music CDs and and all. That also included a copy of some software called Media Max c D three, And if a customer were to put their brand new Sony b MG manufactured music CD into a computer, the computer would auto install the software on the c D and that would give Sony a heads

up as to what was going on. So, in other words, Sony could keep track of what you were doing with your computer. And the whole justification here was that Sony wanted to be on alert in case people were ripping those c ds in or to burn pirated copies for other people, or otherwise distribute the music illegally. The software coasted under the noses of anti virus and anti spyware programs.

They just didn't detect it, and it created a backdoor vulnerability for infected systems, which allowed the potential for hackers to leverage those vulnerabilities and install malware on affected computers. So, if you'd like an analogy, it would sort of be like if Sony showed up at your house, got a hold of your keys, made a copy of your house keys, and then they just left those key copies laying around where anyone could grab them and walts into your home

and take whatever they wanted. It was not good. Now we call this the Sony root Kit because it gave rude access to affected machines and it was distributed by Sony. When news got out of what had happened, Sony b MGS president of Global Digital Business, a guy named Thomas Us said the wrong thing at the wrong time. He specifically said, most people don't even know what a root kit is, so why should they care about it. Yikes. That's like saying most people don't realize that their back

door is unlock, so why should they care. It's It's patently ridiculous. The e f F filed a class action lawsuit against Sony to force the company to make amends for the choices they made, and ultimately Sony was able to settle out of court with the e f F. The organization also pressured sun Calm, which was responsible for one of the elements that created the root kit in the first place, and Suncolm was forced to patch its

software and remove security flaws. Now the e f f's work also reminds me what a strange and amazing thing the Internet is. The Internet allows people to find others who share their own interests and hobbies, and to find

enrichment through sharing with those people. One such group would be embroidery fans, as in people who enjoy embroidering stuff, which seems like a pretty harmless group of people, and it's easy to imagine them using the Internet because they might want to form some clubs to chat about projects or share patterns, and that's actually where the problems began. There was a group of embroidery pattern publishers and vendors who banded together to form a new group called the

Embroidery Software Protection Coalition or e SPC. They were concerned with preventing piracy of various embroidery patterns and programs, and their target was an online community of embroiderers. Like many such communities, the members on this online discussion group use nicknames or handles on their profiles. So the e s PC wanted to file defamation claims against some of the

members of that discussion group. So what they did is they issued a subpoena demanding that the organization received detailed personal information about everyone who was part of that discussion group, regardless of whether or not they had ever even posted a message to the group. So, in other words, if you belong to this group, even if you had never said anything one way or the other, you'd never engaged

in any kind of of copyright infringement. They wanted all your personal information so they could make a decision about whether or not to sue you. Now, the e F got involved and argue that this was an unreasonable and unlawful tactic. And after the e F made it clear that it would provide legal support for the embroiderers, the

e s PC withdrew its subpoena. E F State Attorney Core and McSherry issued a statement that read quote, E s PC should have never filed this frivolous case in the first place, but where pleased that E s PC now understands that it can't use the courts to intimidate those who who want to talk about E s p C s ham Thisted tactics. The First Amendment forbids such

abusive use of the discovery process. So what they're saying is all these embroiderers who are on this online discussion group and saying, well, this this group over here is being really unreasonable. The actions that group took was way more unreasonable, you know, saying, Hey, they're saying nasty things about us, so we want to know who they are. Yikes.

There are dozens of other cases we could look at, but I think after we come back from the next break, will focus instead on some of the other work the e f F has been involved with outside of legal cases, So we'll talk about that after this quick break to thank our sponsor. Now, the Electronic Frontier Foundation does more than just jump into legal battles. It also helps develop and distribute various tools to make the use of the Internet more secure and protect the privacy of folks when

they're online. One of those tools is a browser extension called Privacy Badger. This extension blocks websites from using brows trackers on you without your permission. Now, those trackers could otherwise keep tabs on which sites you are visiting and your browsing behaviors in general, and as e f says in their page on the tool, quote, if an advertiser seems to be tracking you across multiple websites without your permission.

Privacy badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. End quote. Another extension that they offer is HTTPS Everywhere, which is an encryption tool. This extension can encrypt communications with many different websites to help improve the

security of your web browsing. So some websites have pages that support HTTPS encryption you see that little lock that shows up in your address bar, but some websites have certain pages that are still over unencrypted h T t P. The extension that the f F offers rewrites all require to go through HTTPS and keep everything nice and jumbled up for any snoops that happened to be out there. And there are other tools that you can learn about over at the e f F website to help keep

you and your browsing safe. And part of what the organization does is raise awareness of potential threats to civil liberties in proposed legislation or corporate practices, which is not always about filing a court case, though that does sometimes end up being part of it. If it goes far enough.

On the e f site, you can find numerous articles, blog posts, and white papers about important civil liberties issues, and some of them deal with pretty thorny subjects and some require you to really keep control of your emotions. For example, on January three, the e f F submitted a letter opposing a proposed act in South Carolina called H three zero zero three, also known as the Human

Trafficking Prevention Act. Now, immediately, that's an incredibly charged topic. Clearly, human trafficking is an evil act and any decent person would oppose it. So why would the e f F come out against legislation meant to prevent occurrences of human trafficking? Well, the key here is the language inside the act itself.

As their letter would state, the Act requires any entity wishing to conduct business in South Carolina quote that manufacturers, distributes or sells a product that makes content accessible on

the Internet. End quote to include in the product a digital blocking capability that blocks online access to quote obscenity, child pornography, revenge pornography, or any hub that facilitates prostitution, and websites that are known to facilitate any trafficking of persons end quote Well, the e f F maintains that the proposed legislation is and this is, from their letter, a gross violation of the free speech rights of Internet users,

particularly given that content filtering technology is inaccurate. The bill also violates the privacy of consumers by requiring them to engage in invasive interactions with companies in order to deactivate the blocking feature. The bill creates an exorbitant new tax for both Internet users and companies wishing to opt out of the regulatory regime. The bill violates the rights of online service providers by penalizing them for content created by

their users. The bill further hurts companies by requiring costly technical features that may ultimately discourage business in the state of South Carolina. End quote now. The e f F points out that in the effort to filter out illegal material, the enforcement of this act would undoubtedly sweep up legal stuff as well, so you would get both illegal and

legal things filtered out of your view. And while the Act does contain some language in that it requires entities to restore access to legal material if you file acclaim against it, this still represents a First Amendment harm and the e f also states that the language is so broad that it could encompass any company that makes any device that allows access to the Internet, so that could include computers, smartphones, tablets, set top boxes, WiFi routers, modems,

and more. Every single type of technology would be required to have some sort of filter on it. The FFS argument is not that human trafficking isn't a problem or that it shouldn't be taken seriously. Their argument is that the proposed act fails to address that problem while simultaneously courts unconstitutional implementations. So, as of the recording of this podcast, that act is currently still in committee in the South Carolina House of Representatives, and it has been there since

January two thousand seventeen. The f F also offers up helpful papers the all sorts of topics from the Internet registries that are least likely to give up details on domain owners, to a list of government data requests and how various Internet service providers and other companies responded to those requests. So, in other words, it tells you these are the partners that aren't going to give you up

under just a casual request from the government. The e f F also provides information on civil liberties, the best practices to follow to ensure your rights are protected, and also deep dives on the areas of focus I mentioned at the top of this episode. Now, you may not agree with every stance the e f F takes. I know there are some that I personally find a little problematic, though I also admit that I sighed more often with

the e f than otherwise. As a nonprofit organization, they depend upon donations in order to fund their work, and there's also a shop where you can buy products and the money goes to support e f f's efforts. Some of the examples of merchandise you could purchase include things like kickers or r f I D blocking wallets were temporary tattoos if you really want to, you know, sport the e f F logo on your bicep. But that's it.

On the e f F, the organization continues to play an important role to make sure that corporations and governments don't compromise our civil liberties in the online space. I suspect that we're gonna have a need for the e f F for many years to come, as online technology continues to insinuates itself into all aspects of our lives. As that happens, those protections are going to become more

and more important. So that wraps up this episode. If you guys have suggestions for future topics I could cover on episodes of tech Stuff, why don't you send me a message and tell me about your big old ideas. Smart guy, smart lady, smart people. I'm I'm being serious, I'm not being sarcastic. I really would love to hear

your ideas. You can get in touch with me using the email address tech Stuff at how stuff works dot com, or if you prefer to communicate via Twitter or Facebook, you can find the text stuff handle at either of those locations. It is text stuff h s W. And remember, you can go to twitch dot tv slash tech stuff to watch me record these shows live. You can watch as I make mistakes or occasionally curse into the microphone.

Sometimes that happens like today, but the only way you ever get to see it is if you go to twitch dot tv slash tech stuff because the wonder producer Ramsey is very good at taking those things out before the show goes live. So come and see me record live. I do it on Wednesdays and Fridays. The schedule is up at twitch dot tv slash tech stuff, and I'll talk to you again really soon for more on this and thousands of other topics. Because it has stop works dot com wh wh