Security News

In June, people honor one of the key events that ushered the era of LGBTQIA+ Pride—Stonewall—during which Black and Brown trans and queer people led a riot in direct response to police brutality. This year, Pride occurs during national and global protests over the continued murder of Black people, and highlights disparities around race, gender, ability and identity, with people at these intersections experiencing particular stress, such as the unprecedented dangers for Black trans women....

Regardless of your opinion about Google, their suite of collaborative document editing tools provides a powerful resource in this tumultuous time. Across the country, grassroots groups organizing mutual aid relief work in response to COVID-19 and legal aid as part of the recent wave of protests have relied on Google Docs to coordinate efforts and get help to those that need it. Alternatives to the collaborative tools either do not scale well, are not as usable or intuitive, or just plain...

We are glad to see Zoom’s announcement today that it plans to offer end-to-end encryption to all its users, not just those with paid subscriptions. Zoom initially stated it would develop end-to-end encryption as a premium feature. Now, after 20,000 people signed on to EFF and Mozilla’s open letter to Zoom, Zoom has done the right thing, changed course, and taken a big step forward for privacy and security.

Other enterprise companies like Slack, Microsoft, and Zoom’s direct...

As uprisings over police brutality and institutionalized racism have swept over the country, many people are facing the full might of law enforcement weaponry and surveillance for the first time. Whenever protesters, cell phones, and police are in the same place, protesters should worry about cell phone surveillance. Often, security practitioners or other protesters respond to that worry with advice about the use of cell-site simulators (also known as a CSS, IMSI catcher, Stingray,...

This morning, EFF and Mozilla called on Zoom to make their upcoming end-to-end encryption feature available to all 300 million of its users. We published an open letter urging Zoom’s CEO Eric Yuan not to exclude Zoom’s free customers from using their upcoming end-to-end encryption feature. 

We applaud Zoom for building strong end-to-end encryption into their service. But by limiting this security enhancement to paid accounts, Zoom is denying privacy protections to the participants...

Across the United States, people are taking to the street to protest racist police violence, including the tragic police killings of George Floyd and Breonna Taylor. This is a historic moment of reckoning for law enforcement. Technology companies, too, must rethink how the tools they design and sell to police departments minimize accountability and exacerbate injustice. Even worse, some companies profit directly from exploiting irrational fears of crime that all too often feed the flames...

This guide is an overview of digital security considerations specific to journalists covering protests. For EFF’s comprehensive guide to digital security, including advice for activists and protesters, visit ssd.eff.org. Legal advice in this post is specific to the United States.

As the international protests against police killings enter their third week, the public has been exposed to shocking videos of law enforcement wielding violence against not only demonstrators,...

Like the rest of the world, we are horrified by the videos of George Floyd’s murder. Once again, police brutality was documented by brave bystanders exercising their First Amendment rights. Their videos forcefully tell a painful truth that has further fueled a movement to demand an end to racism and abuse of power by police officers.

Recordings of police officers, whether by witnesses to an incident with officers, individuals who are themselves interacting with officers, or by...

Your phone is your life. It’s where you communicate, get your news, take pictures and videos of your loved ones, relax and play games, and find a significant other. It can track your health, give you directions, remind you of events, and much more. It’s an incredibly helpful tool, but it can also be used against you by malicious actors. It’s important to know what your phone contains and how it can also make you vulnerable to attacks.

Your threat model is unique and personal. And...

In light of the current protests across the country against racism and police brutality, we want to call attention to EFF’s attorney referral services. We are opening up our Cooperating Attorneys list to people facing legal troubles as a result of their participation in the ongoing demonstrations, especially those involving surveillance or devices such as phones. We urge anyone in such a position to contact us for help in finding representation.

Our referral list is comprised of...

In the wake of nationwide protests against the police killings of George Floyd and Breonna Taylor, we urge protestors to stay safe, both physically and digitally. Our Surveillance Self Defense (SSD) Guide on attending a protest offers practical tips on how to maintain your privacy and minimize your digital footprint while taking to the streets.

These demonstrations have taken place against the backdrop of the COVID-19 pandemic, so for many, public health concerns have added an...

June 2nd is recognized around the world as the chosen date of countless direct actions and protests in support of the sex workers' rights movement. Since its inception nearly 45 years ago, International Whores Day reclaims a sometimes derogatory word to set the tone for a day of unrest and political action. June also marks International LGBTQ+ Pride month, and this is the first in a series of blog posts that aims to highlight different facets within the broader LGBTQ+ community.

Grassroots education is important for making sure advanced technical knowledge is accessible to communities who may otherwise be blocked or pushed out of the field. By sharing this invaluable knowledge and skills, local groups can address and dissolve these barriers to organizers hoping to step up their cybersecurity.

The Electronic Frontier Alliance (EFA) is a network of community-based groups across the U.S.  dedicated to advocacy and community education...

Over the weekend, Minnesota’s Public Safety Commissioner analogized COVID-19 contact tracing with police investigation of arrested protesters. This analogy is misleading and dangerous. It also underlines the need for public health officials to practice strict data minimization—including a ban on sharing with police any personal information collected through contact tracing.

On May 30, at a press conference about the ongoing protests in Minneapolis against racism and police...

In January 2011, after hearing about the unrest unfolding in Sidi Bouzid, Tunisian blogger Lina Ben Mhenni (who passed away in January of this year from a chronic illness) began traveling around the country to document the nascent protests and the government’s response to them.

“There are no journalists doing this,” she told Newsweek at the time. “And moreover, the official media started to tell lies about what was happening.”

Despite widespread censorship and...

Black lives matter on the streets. Black lives matter on the Internet. 

EFF stands with the communities mourning the victims of police homicide. We stand with the protesters who are plowed down by patrol cars. We stand with the journalists placed in handcuffs or fired upon while reporting these atrocities. And we stand with all those using their cameras, phones and digital tools to make sure we cannot turn away from the truth.

There is no doubt that we are in deeply troubled...

Black lives matter on the streets. Black lives matter on the Internet. 

EFF stands with the communities mourning the victims of police homicide. We stand with the protesters who are plowed down by patrol cars. We stand with the journalists placed in handcuffs or fired upon while reporting these atrocities. And we stand with all those using their cameras, phones and digital tools to make sure we cannot turn away from the truth.

There is no doubt that we are in deeply troubled...

Stalkers and abusive partners want access to your device for the same reason governments and advertisers do: because “full access to a person's phone is the next best thing to full access to a person's mind,” as EFF Director of Cybersecurity Eva Galperin explains in her TED talk on “stalkerware” and her efforts to end the abuse this malicious software enables.

Governments around the world are using surveillance technologies to monitor whether COVID-19 patients are complying with instructions to quarantine at home. These include GPS ankle shackles, phone apps that track location, and phone apps that require patients to periodically take quarantine selfies and send them to government monitors.

All of these surveillance technologies burden fundamental rights. And they can harm public health, by discouraging people from getting tested. No...

Grassroots activism, in its many forms, allows a community to mobilize around a shared set of ideals and creates an environment whereby participants can share information and resources to help facilitate the advancement of their common aims.

The Electronic Frontier Alliance (EFA) is a grassroots network of community and campus organizations, unified by a commitment to upholding the principles of the EFA: privacy, free expression, access to knowledge, creativity, and...

Communities across the country are stepping up to self-organize mutual aid groups, uniting virtually to offer and coordinate support to those who are in need. In solidarity with the need for physical distancing, many people are organizing online using Google spreadsheets, Google forms, public posts on Twitter and Facebook, and private messages on social media platforms. 

There is great beauty and power in this support, but it also puts security concerns in the spotlight: overlooked...

A greater portion of the world’s work, organizing, and care-giving is moving onto digital platforms and tools that facilitate connection and productivity: video conferencing, messaging apps, healthcare and educational platforms, and more. It’s important to be aware of the ways these tools may impact your digital privacy and security during the COVID-19 crisis.

Here are a few things you should know in order to make informed decisions about what works best for you and your...

Update 3-26-20: A new prevalent example of Android Spyware that leverages COVID-19 as a way to deliver their malicious product has been reported by researchers at Lookout. This particular malware, called "corona live 1.1.", comes out of Libya and seems to mostly be targeting Libyan citizens. Like other examples listed below, it uses the same COVID-19 dashboard developed by Johns Hopkins University.

For malicious people, preying on collective fear and misinformation is...

Cities across the U.S. are forcing operators of shared bikes and scooters to use dangerous and privacy invasive APIs developed by the Los Angeles Department of Transportation. These APIs—collectively called the “mobility data specification,” or MDS—require that operators share granular location data on every trip taken. The location data that cities are demanding is incredibly sensitive and...

In response to an EFF campaign started last year, roughly a third  of institutions that we believe requested problematic and exploitive data as part of a government automated tattoo recognition challenge deleted the data or reported that they had never received or used it.

EFF has long been concerned with the many problems associated with efforts to use automated tattoo recognition, a form of biometric surveillance similar to face recognition that can use your body art to reveal...