Electronic Freedom Foundation

Guided by EFF's map of Customs & Border Protection surveillance towers, University of Arizona geographers Colter Thomas and Dugan Meyer have been methodologically traversing the U.S.-Mexico border and photographing the infrastructure that comprises the so-called "virtual wall."

Anduril Sentry tower beside the Rio Grande River. Photo by Colter Thomas (CC BY-NC-ND 4.0)

From April 12-26, their outdoor exhibition "Infrastructures of Control" will be on display on the University of Arizona campus in Tucson, featuring more than 30 photographs of surveillance technology, a replica surveillance tower, and a blow up map based on EFF's data.

Locals can join the researchers and EFF staff for an opening night tour at 5pm on April 12, followed by an EFF Speakeasy/Meetup. There will also be a panel discussion at 5pm on April 19, moderated by journalist Yael Grauer, co-author of EFF's Street-Level Surveillance hub. It will feature a variety of experts on the border, including Isaac Esposto (No More Deaths), Dora Rodriguez (Salvavision), Pedro De Velasco (Kino Border Initiative), Todd Miller (The Border Chronicle), and Daniel Torres (Daniel Torres Reports).

In the meantime, we chatted with Colter and Dugan about what their project means to them.

MAASS: Tell us what you hope people will take away from this project?

MEYER: We think of our work as a way for us to contribute to a broader movement for border justice that has been alive and well in the U.S.-Mexico borderlands for decades. Using photography, mapping, and other forms of research, we are trying to make the constantly expanding infrastructure of U.S. border policing and surveillance more visible to public audiences everywhere. Our hope is that doing so will prompt more expansive and critical discussions about the extent to which these infrastructures are reshaping the social and environmental landscapes throughout this region and beyond.

THOMAS: The diversity of landscapes that make up the borderlands can make it hard to see how these parts fit together, but the common thread of surveillance is an ominous sign for the future and we hope that the work we make can encourage people from different places and experiences to find common cause for looking critically at these infrastructures and what they mean for the future of the borderlands.

An Integrated Fixed Tower in Southern Arizona. Photo by Colter Thomas (CC BY-NC-ND 4.0)

MAASS: So much is written about border surveillance by researchers working off documents, without seeing these towers first hand. How did your real-world exploration affect your understanding of border technology?

THOMAS: Personally I’m left with more questions than answers when doing this fieldwork. We have driven along the border from the Gulf of Mexico to the Pacific, and it is surprising just how much variation there is within this broad system of U.S. border security. It can sometimes seem like there isn’t just one border at all, but instead a patchwork of infrastructural parts—technologies, architecture, policy, etc.—that only looks cohesive from a distance.

An Integrated Fixed Tower in Southern Arizona. Photo by Colter Thomas (CC BY-NC-ND 4.0)

MAASS: That makes me think of Trevor Paglen, an artist known for his work documenting surveillance programs. He often talks about the invisibility of surveillance technology. Is that also what you encountered?

MEYER: The scale and scope of U.S. border policing is dizzying, and much of how this system functions is hidden from view. But we think many viewers of this exhibition might be surprised—as we were when we started doing this work—just how much of this infrastructure is hidden in plain sight, integrated into daily life in communities of all kinds.

This is one of the classic characteristics of infrastructure: when it is working as intended, it often seems to recede into the background of life, taken for granted as though it always existed and couldn’t be otherwise. But these systems, from surveillance programs to the border itself, require tremendous amounts of labor and resources to function, and when you look closely, it is much easier to see the waste and brutality that are their real legacy. As Colter and I do this kind of looking, I often think about a line from the late David Graeber, who wrote that “the ultimate hidden truth of the world is that it is something that we make, and could just as easily make differently.”

THOMAS: Like Dugan said, infrastructure rarely draws direct attention. As artists and researchers, then, our challenge has been to find a way to disrupt this banality visually, to literally reframe the material landscapes of surveillance in ways that sort of pull this infrastructure back into focus. We aren’t trying to make this infrastructure beautiful, but we are trying to present it in a way that people will look at it more closely. I think this is also what makes Paglen’s work so powerful—it aims for something more than simply documenting or archiving a subject that has thus far escaped scrutiny. Like Paglen, we are trying to present our audiences with images that demand attention, and to contextualize those images in ways that open up opportunities and spaces for viewers to act collectively with their attention. For us, this means collaborating with a range of other people and organizations—like the EFF—to invite viewers into critical conversations that are already happening about what these technologies and infrastructures mean for ourselves and our neighbors, wherever they are coming from.

This post was co-written by EFF legal intern Melda Gurakar.

Researchers, journalists, and everyone else has a First Amendment right to criticize social media platforms and their content moderation practices without fear of being targeted by retaliatory lawsuits, a federal court recently ruled.

The decision by a federal court in California to dismiss a lawsuit brought by Elon Musk’s X against the Center for Countering Digital Hate (CCDH), a nonprofit organization dedicated to fighting online hate speech and misinformation, is a win for greater transparency and accountability of social media companies. The court’s ruling in X Corp. v. Center for Countering Digital Hate Ltd. shows that X had no legitimate basis to bring its case in the first place, as the company used the lawsuit to penalize the CCDH for criticizing X and to deter others from doing so.

Vexatious cases like these are known as Strategic Lawsuits Against Public Participation, or SLAPPs. These lawsuits chill speech because they burden speakers who engaged in protected First Amendment activity with the financial costs and stress of having to fight litigation, rather than seeking to vindicate legitimate legal claims. The goal of these suits is not to win, but to inflict harm on the opposing party for speaking. We are grateful that the court saw X’s lawsuit was a SLAPP and dismissed it, ruling that the claims lacked legal merit and that the suit violated California’s anti-SLAPP statute.

The lawsuit filed in July 2023 accused the CCDH of unlawfully accessing and scraping data from its platform, which X argued CCDH used in order to harm X Corp.'s reputation and, by extension, its business operations, leading to lost advertising revenue and other damages. X argued that CCDH had initiated this calculated “scare campaign” aimed at deterring advertisers from engaging with the platform, supposedly resulting in a significant financial loss for X. Moreover, X claimed that the CCDH breached its Terms of Service contract as a user of X.

The court ruled that X’s accusations were insufficient to bypass the protective shield of California's anti-SLAPP statute. Furthermore, the court's decision to dismiss X Corp.'s claims, including those related to breach of contract and alleged infringements of the Computer Fraud and Abuse Act, stemmed from X Corp.'s inability to convincingly allege or demonstrate significant losses attributable to CCDH's activities. This outcome not only is a triumph for CCDH, but also validates the anti-SLAPP statute's role in safeguarding critical research efforts against baseless legal challenges. Thankfully, the court also rejected X’s claim under the federal Computer Fraud and Abuse Act (CFAA). X had argued that the CFAA barred CCDH’s scraping of public tweets—a erroneous reading of the law. The court found that regardless of that argument, the X had not shown a “loss” of the type protected by the CFAA, such as technological harms to data or computers.

EFF, alongside the ACLU of Northern California and the national ACLU, filed an amicus brief in support of CCDH, arguing that X Corp.'s lawsuit mischaracterized a nonviable defamation claim as a breach of contract to retaliate against CCDH. The brief supported CCDH's motion to dismiss, arguing that the term of service against CCDH as it pertains to data scraping should be deemed void, and is contrary to the public interest. It also warned of a potential chilling effect on research and activism that rely on digital platforms to gather information.

The ramifications of X Corp v. CCDH reach far beyond this decision. X Corp v. CCDH affirms the Center for Countering Digital Hate's freedom to conduct and publish research that critiques X Corp., and sets precedent that protects critical voices from being silenced online. We are grateful that the court reached this correct result and affirmed that people should not be targeted by lawsuits for speaking critically of powerful institutions.

• EFF and ACLU Amicus Brief in Support of CCDH  

With Section 702 of the Foreign Intelligence Surveillance Act set to expire later this month, the White House recently released a memo objecting to the SAFE Act—legislation introduced by Senators Dick Durbin and Mike Lee that would reauthorize Section 702 with some reforms. The White House is wrong. SAFE is a bipartisan bill that may be our most realistic chance of reforming a dangerous NSA mass surveillance program that even the federal government’s privacy watchdog and the White House itself have acknowledged needs reform.

As we’ve written, the SAFE Act does not go nearly far enough in protecting us from the warrantless surveillance the government now conducts under Section 702. But, with surveillance hawks in the government pushing for a reauthorization of their favorite national security law without any meaningful reforms, the SAFE Act might be privacy and civil liberties advocates’ best hope for imposing some checks upon Section 702.

Section 702 is a serious threat to the privacy of those in the United States. It authorizes the collection of overseas communications for national security purposes, and, in a globalized world, this allows the government to collect a massive amount of Americans’ communications. As Section 702 is currently written, intelligence agencies and domestic law enforcement have backdoor, warrantless access to millions of communications from people with clear constitutional rights.

The White House objects to the SAFE Act’s two major reforms. The first requires the government to obtain court approval before accessing the content of communications for people in the United States which have been hoovered up and stored in Section 702 databases—just like police have to do to read your letters or emails. The SAFE Act’s second reform closes the “data broker loophole” by largely prohibiting the government from purchasing personal data they would otherwise need a warrant to collect. While the White House memo is just the latest attempt to scare lawmakers into reauthorizing Section 702, it omits important context and distorts the key SAFE Act amendments’ effects

The government has repeatedly abused Section 702 by searching its databases for Americans’ communications. Every time, the government claims it has learned from its mistakes and won’t repeat them, only for another abuse to come to light years later. The government asks you to trust it with the enormously powerful surveillance tool that is Section 702—but it has proven unworthy of that trust.

The Government Should Get Judicial Approval Before Accessing Americans’ Communications

Requiring the government to obtain judicial approval before it can access the communications of Americans and those in the United States is a necessary, minimum protection against Section 702’s warrantless surveillance. Because Section 702 does not require safeguards of particularity and probable cause when the government initially collects communications, it is essential to require the government to at least convince a judge that there is a justification before the “separate Fourth Amendment event” of the government accessing the communications of Americans it has collected.

The White House’s memo claims that the government shouldn’t need to get court approval to access communications of Americans that were “lawfully obtained” under Section 702. But this ignores the fundamental differences between Section 702 and other surveillance. Intelligence agencies and law enforcement don’t get to play “finders keepers” with our communications just because they have a pre-existing program that warrantlessly vacuums them all up.

The SAFE Act has exceptions from its general requirement of court approval for emergencies, consent, and—for malicious software—“defensive cybersecurity queries.” While the White House memo claims these are “dangerously narrow,” exigency and consent are longstanding, well-developed exceptions to the Fourth Amendment’s warrant requirement. And the SAFE Act gives the government even more leeway than the Fourth Amendment ordinarily does in also excluding “defensive cybersecurity queries” from its requirement of judicial approval.

The Government Shouldn’t Be Able to Buy What It Would Otherwise Need a Warrant to Collect

The SAFE Act properly imposes broad restrictions upon the government’s ability to purchase data—because way too much of our data is available for the government to purchase. Both the FBI and NSA have acknowledged knowingly buying data on Americans. As we’ve written many times, the commercially available information that the government purchases can be very revealing about our most intimate, private communications and associations. The Director of National Intelligence’s own report on government purchases of commercially available information recognizes this data can be “misused to pry into private lives, ruin reputations, and cause emotional distress and threaten the safety of individuals.” This report also recognizes that this data can “disclose, for example, the detailed movements and associations of individuals and groups, revealing political, religious, travel, and speech activities.”

The SAFE Act would go a significant way towards closing the “data broker loophole” that the government has been exploiting. Contrary to the White House’s argument that Section 702 reauthorization is “not the vehicle” for protecting Americans’ data privacy, closing the “data broker loophole” goes hand-in-hand with putting crucial guardrails upon Section 702 surveillance: the necessary reform of requiring court approval for government access to Americans’ communications is undermined if the government is able to warrantlessly collect revealing information about Americans some other way. 

The White House further objects that the SAFE Act does not address data purchases by other countries and nongovernmental entities, but this misses the point. The best way Congress can protect Americans’ data privacy from these entities and others is to pass comprehensive data privacy regulation. But, in the context of Section 702 reauthorization, the government is effectively asking for special surveillance permissions for itself, that its surveillance continue to be subjected to minimal oversight while other other countries’ surveillance practices are regulated. (This has been a pattern as of late.) The Fourth Amendment prohibits intelligence agencies and law enforcement from giving themselves the prerogative to invade our privacy.  

In a landmark ruling for fundamental freedoms in Colombia, the Inter-American Court of Human Rights found that for over two decades the state government harassed, surveilled, and persecuted members of a lawyer’s group that defends human rights defenders, activists, and indigenous people, putting the attorneys’ lives at risk. 

The ruling is a major victory for civil rights in Colombia, which has a long history of abuse and violence against human rights defenders, including murders and death threats. The case involved the unlawful and arbitrary surveillance of members of the Jose Alvear Restrepo Lawyers Collective (CAJAR), a Colombian human rights organization defending victims of political persecution and community activists for over 40 years.

The court found that since at least 1999, Colombian authorities carried out a constant campaign of pervasive secret surveillance of CAJAR members and their families. That state violated their rights to life, personal integrity, private life, freedom of expression and association, and more, the Court said. It noted the particular impact experienced by women defenders and those who had to leave the country amid threat, attacks, and harassment for representing victims.  

The decision is the first by the Inter-American Court to find a State responsible for violating the right to defend human rights. The court is a human rights tribunal that interprets and applies the American Convention on Human Rights, an international treaty ratified by over 20 states in Latin America and the Caribbean. 

In 2022, EFF, Article 19, Fundación Karisma, and Privacy International, represented by Berkeley Law’s International Human Rights Law Clinic, filed an amicus brief in the case. EFF and partners urged the court to rule that Colombia’s legal framework regulating intelligence activity and the surveillance of CAJAR and their families violated a constellation of human rights and forced them to limit their activities, change homes, and go into exile to avoid violence, threats, and harassment. 

Colombia's intelligence network was behind abusive surveillance practices in violation of the American Convention and did not prevent authorities from unlawfully surveilling, harassing, and attacking CAJAR members, EFF told the court. Even after Colombia enacted a new intelligence law, authorities continued to carry out unlawful communications surveillance against CAJAR members, using an expansive and invasive spying system to target and disrupt the work of not just CAJAR but other human rights defenders and journalists. 

In examining Colombia’s intelligence law and surveillance actions, the court elaborated on key Inter-American and other international human rights standards, and advanced significant conclusions for the protection of privacy, freedom of expression, and the right to defend human rights. 

The court delved into criteria for intelligence gathering powers, limitations, and controls. It highlighted the need for independent oversight of intelligence activities and effective remedies against arbitrary actions. It also elaborated on standards for the collection, management, and access to personal data held by intelligence agencies, and recognized the protection of informational self-determination by the American Convention. We highlight some of the most important conclusions below.

Prior Judicial Order for Communications Surveillance and Access to Data

The court noted that actions such as covert surveillance, interception of communications, or collection of personal data constitute undeniable interference with the exercise of human rights, requiring precise regulations and effective controls to prevent abuse from state authorities. Its ruling recalled European Court of Human Rights’ case law establishing that “the mere existence of legislation allowing for a system of secret monitoring […] constitutes a threat to 'freedom of communication among users of telecommunications services and thus amounts in itself to an interference with the exercise of rights'.” 

Building on its ruling in the case Escher et al. vs Brazil, the Inter-American Court stated that

“[t]he effective protection of the rights to privacy and freedom of thought and expression, combined with the extreme risk of arbitrariness posed by the use of surveillance techniques […] of communications, especially in light of existing new technologies, leads this Court to conclude that any measure in this regard (including interception, surveillance, and monitoring of all types of communication […]) requires a judicial authority to decide on its merits, while also defining its limits, including the manner, duration, and scope of the authorized measure.” (emphasis added) 

According to the court, judicial authorization is needed when intelligence agencies intend to request personal information from private companies that, for various legitimate reasons, administer or manage this data. Similarly, prior judicial order is required for “surveillance and tracking techniques concerning specific individuals that entail access to non-public databases and information systems that store and process personal data, the tracking of users on the computer network, or the location of electronic devices.”  

The court said that “techniques or methods involving access to sensitive telematic metadata and data, such as email and metadata of OTT applications, location data, IP address, cell tower station, cloud data, GPS and Wi-Fi, also require prior judicial authorization.” Unfortunately, the court missed the opportunity to clearly differentiate between targeted and mass surveillance to explicitly condemn the latter.

The court had already recognized in Escher that the American Convention protects not only the content of communications but also any related information like the origin, duration, and time of the communication. But legislation across the region provides less protection for metadata compared to content. We hope the court's new ruling helps to repeal measures allowing state authorities to access metadata without a previous judicial order.

Indeed, the court emphasized that the need for a prior judicial authorization "is consistent with the role of guarantors of human rights that corresponds to judges in a democratic system, whose necessary independence enables the exercise of objective control, in accordance with the law, over the actions of other organs of public power.” 

To this end, the judicial authority is responsible for evaluating the circumstances around the case and conducting a proportionality assessment. The judicial decision must be well-founded and weigh all constitutional, legal, and conventional requirements to justify granting or denying a surveillance measure. 

Informational Self-Determination Recognized as an Autonomous Human Right 

In a landmark outcome, the court asserted that individuals are entitled to decide when and to what extent aspects of their private life can be revealed, which involves defining what type of information, including their personal data, others may get to know. This relates to the right of informational self-determination, which the court recognized as an autonomous right protected by the American Convention. 

“In the view of the Inter-American Court, the foregoing elements give shape to an autonomous human right: the right to informational self-determination, recognized in various legal systems of the region, and which finds protection in the protective content of the American Convention, particularly stemming from the rights set forth in Articles 11 and 13, and, in the dimension of its judicial protection, in the right ensured by Article 25.”  

The protections that Article 11 grant to human dignity and private life safeguard a person's autonomy and the free development of their personality. Building on this provision, the court affirmed individuals’ self-determination regarding their personal information. In combination with the right to access information enshrined in Article 13, the court determined that people have the right to access and control their personal data held in databases. 

The court has explained that the scope of this right includes several components. First, people have the right to know what data about them are contained in state records, where the data came from, how it got there, the purpose for keeping it, how long it’s been kept, whether and why it’s being shared with outside parties, and how it’s being processed. Next is the right to rectify, modify, or update their data if it is inaccurate, incomplete, or outdated. Third is the right to delete, cancel, and suppress their data in justified circumstances. Fourth is the right to oppose the processing of their data also in justified circumstances, and fifth is the right to data portability as regulated by law. 

According to the court, any exceptions to the right of informational self-determination must be legally established, necessary, and proportionate for intelligence agencies to carry out their mandate. In elaborating on the circumstances for full or partial withholding of records held by intelligence authorities, the court said any restrictions must be compatible with the American Convention. Holding back requested information is always exceptional, limited in time, and justified according to specific and strict cases set by law. The protection of national security cannot serve as a blanket justification for denying access to personal information. “It is not compatible with Inter-American standards to establish that a document is classified simply because it belongs to an intelligence agency and not on the basis of its content,” the court said.  

The court concluded that Colombia violated CAJAR members’ right to informational self -determination by arbitrarily restricting their ability to access and control their personal data within public bodies’ intelligence files.

The Vital Protection of the Right to Defend Human Rights

The court emphasized the autonomous nature of the right to defend human rights, finding that States must ensure people can freely, without limitations or risks of any kind, engage in activities aimed at the promotion, monitoring, dissemination, teaching, defense, advocacy, or protection of universally recognized human rights and fundamental freedoms. The ruling recognized that Colombia violated the CAJAR members' right to defend human rights.

For over a decade, human rights bodies and organizations have raised alarms and documented the deep challenges and perils that human rights defenders constantly face in the Americas. In this ruling, the court importantly reiterated their fundamental role in strengthening democracy. It emphasized that this role justifies a special duty of protection by States, which must establish adequate guarantees and facilitate the necessary means for defenders to freely exercise their activities. 

Therefore, proper respect for human rights requires States’ special attention to actions that limit or obstruct the work of defenders. The court has emphasized that threats and attacks against human rights defenders, as well as the impunity of perpetrators, have not only an individual but also a collective effect, insofar as society is prevented from knowing the truth about human rights violations under the authority of a specific State. 

Colombia’s Intelligence Legal Framework Enabled Arbitrary Surveillance Practices 

In our amicus brief, we argued that Colombian intelligence agents carried out unlawful communications surveillance of CAJAR members under a legal framework that failed to meet international human rights standards. As EFF and allies elaborated a decade ago on the Necessary and Proportionate principles, international human rights law provides an essential framework for ensuring robust safeguards in the context of State communications surveillance, including intelligence activities. 

In the brief, we bolstered criticism made by CAJAR, Centro por la Justicia y el Derecho Internacional (CEJIL), and the Inter-American Commission on Human Rights, challenging Colombia’s claim that the Intelligence Law enacted in 2013 (Law n. 1621) is clear and precise, fulfills the principles of legality, proportionality, and necessity, and provides sufficient safeguards. EFF and partners highlighted that even after its passage, intelligence agencies have systematically surveilled, harassed, and attacked CAJAR members in violation of their rights. 

As we argued, that didn’t happen despite Colombia’s intelligence legal framework, rather it was enabled by its flaws. We emphasized that the Intelligence Law gives authorities wide latitude to surveil human rights defenders, lacking provisions for prior, well-founded, judicial authorization for specific surveillance measures, and robust independent oversight. We also pointed out that Colombian legislation failed to provide the necessary means for defenders to correct and erase their data unlawfully held in intelligence records. 

The court ruled that, as reparation, Colombia must adjust its intelligence legal framework to reflect Inter-American human rights standards. This means that intelligence norms must be changed to clearly establish the legitimate purposes of intelligence actions, the types of individuals and activities subject to intelligence measures, the level of suspicion needed to trigger surveillance by intelligence agencies, and the duration of surveillance measures. 

The reparations also call for Colombia to keep files and records of all steps of intelligence activities, “including the history of access logs to electronic systems, if applicable,” and deliver periodic reports to oversight entities. The legislation must also subject communications surveillance measures to prior judicial authorization, except in emergency situations. Moreover, Colombia needs to pass regulations for mechanisms ensuring the right to informational self-determination in relation to intelligence files. 

These are just some of the fixes the ruling calls for, and they represent a major win. Still, the court missed the opportunity to vehemently condemn state mass surveillance (which can occur under an ill-defined measure in Colombia’s Intelligence Law enabling spectrum monitoring), although Colombian courts will now have the chance to rule it out.

In all, the court ordered the state to take 16 reparation measures, including implementing a system for collecting data on violence against human rights defenders and investigating acts of violence against victims. The government must also publicly acknowledge responsibility for the violations. 

The Inter-American Court's ruling in the CAJAR case sends an important message to Colombia, and the region, that intelligence powers are only lawful and legitimate when there are solid and effective controls and safeguards in place. Intelligence authorities cannot act as if international human rights law doesn't apply to their practices.  

When they do, violations must be fiercely investigated and punished. The ruling elaborates on crucial standards that States must fulfill to make this happen. Only time will tell how closely Colombia and other States will apply the court's findings to their intelligence activities. What’s certain is the dire need to fix a system that helped Colombia become the deadliest country in the Americas for human rights defenders last year, with 70 murders, more than half of all such murders in Latin America. 

Emma Shapiro is an American artist, writer, and activist who is based in Valencia, Spain. She is the Editor-At-Large for the Don’t Delete Art campaign and the founder of the international art project and movement Exposure Therapy. Her work includes the use of video, collage, performance, and photography, while primarily using her own body and image. Through her use of layered video projection, self portraiture, and repeated encounters with her own image, Emma deconstructs and questions the meaning of our bodies, how we know them, and what they could be.

Regular censorship of her artwork online and IRL has driven Emma to dedicate herself to advocacy for freedom of expression. Emma sat down with EFF’s Jillian York to discuss the need for greater protection of artistic expression across platforms, how the adult body is regulated in the digital world, the role of visual artists as defenders of cultural and digital rights, and more.

York: What does free expression mean to you?

Free expression, to me, as primarily an artist—I’ve now also become an arts writer and an advocate for artistry things including censorship and suppression online of those who make art —but, primarily, I’m an artist. So for me free expression is my own ability to make my work and see the artwork of others. That is what is, baseline, the most important thing to me. And whenever I encounter obstacles to those things is when I know I’m facing issues with free expression. Besides that, how free we are to express ourselves is kind of the barometer for what kind of society we’re living in.

York: Can you tell me about an experience that shaped your views on freedom of expression?

The first times I encountered suppression and erasure of my own art work, which is probably the most pivotal moment that I personally had that shaped my views around this in that I became indignant and that led me down a path of meeting other artists and other people who were expressing themselves and facing the exact same problem. Especially in the online space. The way it operates is, if you’re being censored, you’re being suppressed. You’re effectively not being seen. So unless you’re seeking out this conversation – and that’s usually because it’s happened to you – you’re easily not going to encounter this problem. You’re not going to be able to interact with the creators this is happening to.

That was a completely ground-shifting and important experience for me when I first started experiencing this kind of suppression and erasure of my artwork online. I’ve always experienced misunderstanding of my work and I usually chalked that up to a puritan mindset or sexism in that I use my own body in my artwork. Even though I’m not dealing with sexual themes – I’m not even dealing with feminist themes – those topics are unavoidable as soon as you use a body. Especially a female-presenting body in your artwork. As soon as I started posting my artwork online that was when the experience of censorship became absolutely clear to me.

York: Tell me about your project Exposure Therapy. We’ve both done a lot of work around how female-presenting bodies are allowed to exist on social media platforms. I would love to hear your take on this and what brought you to that project. 

I’d be happy to talk about Exposure Therapy! Exposure Therapy came out of one of the first major instances of censorship that I experienced. Which was something that happened in real life. It happened at a WalMart in rural Virginia where I couldn’t get my work printed. They threatened me with the police and they destroyed my artwork in front of me. The reason they gave me was that it showed nipples. So I decided to put my nipples everywhere. Because I was like… this is so arbitrary. If I put my nipple on my car is my car now illicit and sexy or whatever you’re accusing me of? So that’s how Exposure Therapy started. It started as a physical offline intervention. And it was just my own body that I was using. 

Then when I started an Instagram account to explore it a little further I, of course, faced online censorship of the female-presenting nipple. And so it became a more complex conversation after that. Because the online space and how we judge bodies online was a deep and confusing world. I ended up meeting a lot of other activists online who are dealing with the same topic and incorporating other bodies into the project. Out of that, I’ve grown nearly everything I’ve done since as having to do with online spaces, the censorship of bodies, and particularly censorship of female-presenting bodies. And it’s been an extremely rewarding experience. It’s been very interesting to monitor the temperature shifts over the last few years since I began the project, and to see how some things have remained the same. I mean, even when I go out and discuss the topic of censorship of the female-presenting nipple, the baseline understanding people often have is they think that female nipples are genitalia and they’re embarrassed by them. And that’s a lot of people in the world – even people who would attend a lecture of mine feel that way!

York: If you were to be the CEO of a social media platform tomorrow how would you construct the rules when it comes to the human body? 

When it comes to the adult human body. The adult consenting human body. I’m interested more in user choice in online spaces and social media platforms. I like the idea of me, as a user, going into a space with the ability to determine what I don’t want to see or what I do want to see. Instead of the space dictating what’s allowed to be on the space in the first place. And I also am interested in some models that I’ve seen where the artist or the person posting the content is labeling the images themselves, like self-tagging. And those tags end up creating their own sub-tags. And that is very interactive – it could be a much more interactive and user-experience based space rather than the way social media is operating right now which is completely dictated from the top down. There basically is no user choice now. There might be some toggles that you can say that you want to see or that you don’t want to see “sensitive content,” but they’re still the ones labeling what “sensitive content” is. I’m mostly interested in the user choice aspect. Lips social media run by Annie Brown I find to be a fascinating experiment. Something that she is proving is that there is a space that can be created that is LGBTQ and feminist-focused where it does put the user first. It puts the creator first. And there’s a sort of social contract that you’re a part of being in that space. 

York: Let me ask you about the Don’t Delete Art Campaign. What prompted that and what’s been a success story from that campaign?

I’m not a founding member of Don’t Delete Art. My fellow co-curators, Spencer Tunick and Savannah Spirit, were there in the very beginning when this was created with NCAC (National Coalition Against Censorship) and Freemuse and ARC (Artists at Risk Connection), and there were also some others involved at the beginning. But now it is those three organizations and three of us artists/ activists. Since its inception in 2020, I believe, or the end of 2019, we had seen a shift in the way that certain things were happening at Meta. We mostly are dealing with Meta platforms because they’re mostly image-based. Of course there are things that happen on other social media platforms, but visual artists are usually using these visual platforms. So most of our work has had to do with Meta platforms, previously Facebook platforms.

And since the inception of Don’t Delete Art we actually have seen shifts in the way that they deal with the appeals processes and the way that there might be more nuance in how lens-based work is assessed. We can’t necessarily claim those as victories because no one has told us, “This is thanks to you, Don’t Delete Art, that we made this change!” Of course, they’re never going to do that. But we’re pretty confident that our input – our contact with them, the data that we gathered to give them – helps them hear a little more of our artistic perspectives and integrate that into their content moderation design. So that’s a win.

For me personally, since I came on board – and I’m the Editor at Large of Don’t Delete Art – I have been very pleased with our interaction with artists and other groups including digital rights groups and free expression groups who really value what we do. And that we are able to collaborate with them, take part in events that they’re doing, and spread the message of Don’t Delete Art. And just let artists know that when this happens to them – this suppression or censorship – they’re not alone. Because it’s an extremely isolating situation. People feel ashamed. It’s hard to know you’re now inaugurated into a community when this happens to you. So I feel like that’s a win. The more I can educate my own community, the artist community, on this issue and advance the conversation and advance the cause.

York: What would you say to someone who says nudity isn’t one of the most important topics in the discussion around content moderation?

That is something that I encounter a lot. And basically it’s that there’s a lot of aspects to being an artist online—and then especially an artist who uses the body online—that faces suppression and censorship that people tend to think our concerns are frivolous. This also goes hand in hand with  the “free the nipple” movement and body equality. People tend to look upon those conversations—especially when they’re online—as being frivolous secondary concerns. And what I have to say to that is… my body is your body. If my body is not considered equal for any reason at all and not given the respect it deserves then no body is equal. It doesn’t matter what context it’s in. It doesn’t matter if I’m using my body or using the topic of female nipples or me as an artist. The fact that art using the body is so suppressed online means that there’s a whole set of artists who just aren’t being seen, who are unable to access the same kinds of tools as other artists who choose a different medium. And the medium that we choose to express ourselves with shouldn’t be subject to those kinds of restrictions. It shouldn’t be the case that artists have to change their entire practice just to get access to the same tools that other artists have. Which has happened. 

Many artists, myself included, [and] Savannah Spirit, especially, speak to this: people have changed their entire practice or they don’t show entire bodies of work or they even stop creating because they’re facing suppression and censorship and even harassment online. And that extends to the offline space. If a gallery is showing an artist who faces censorship online, they would be less likely to include that artist’s work in their promotional material where they might have otherwise. Or, if they do host that artist’s work and the gallery faces suppression and censorship of their presence online because of that artist’s work, then in the future they might choose not to work with an artist who works with the body. Then we’re losing an entire field of art in which people are discussing body politics and identity and ancestry and everything that has to do with the body. I mean there’s a reason artists are working with the body. It’s important commentary, an important tool, and important visibility. 

York: Is there anything else you’d like to share about your work that I haven’t asked you about? 

I do want to have the opportunity to say that—and it relates to the way people might not take some artists seriously or take this issue seriously—and I think that extends to the digital rights conversation and artists. I think it’s a conversation that isn’t being had in art communities. But it’s something that affects visual artists completely. Visual artists aren’t necessarily—well, it’s hard to group us as a community because we don’t have unions for ourselves, it’s a pretty individualistic practice, obviously—but artists don’t tend to realize that they are cultural rights defenders. And that they need to step in and occupy their digital rights space. Digital rights conversations very rarely include the topic of visual art. For example, the Santa Clara Principles is a very important document that doesn’t mention visual art at all. And that’s a both sides problem. That artists don’t recognize the importance of digital art in their practice, and digital rights groups don’t realize that they should be inviting visual artists to the table. So in my work, especially in the writing I do for arts journals, I have very specifically focused on and tried to call this out. That artists need to step into the digital rights space and realize this is a conversation that needs to be had in our own community.

York: That is a fantastic call to action to have in this interview, thank you. Now my final question- who, if anyone, is your free expression hero?

I feel somewhat embarrassed by it because it comes from a very naive place, but when I was a young kid I saw Ragtime on Broadway and Emma Goldman became my icon as a very young child. And of course I was drawn to her probably because we have the same name! Just her character in the show, and then learning about her life, became very influential to me. I just loved the idea of a strong woman spending her life and her energy advocating for people, activating people, motivating people to fight for their rights and make sure the world is a more equal place. And that has always been a sort of model in my mind and it’s never really gone away. I feel like I backed into what I’m doing now and ended up being where I want to be. Because I, of course, pursued art and I didn’t anticipate that I would be encountering this issue. I didn’t anticipate that I’d become part of the Don’t Delete Campaign, I didn’t know any of that. I didn’t set out for that. I just always had Emma Goldman in the back of my mind as this strong female figure whose life was dedicated to free speech and equality. So that’s my biggest icon. But it also is one that I had as a very young kid who didn’t know much about the world. 

York: Those are the icons that shape us! Thank you so much for this interview. 

Ola Bini, the software developer acquitted last year of cybercrime charges in a unanimous verdict in Ecuador, was back in court last week in Quito as prosecutors, using the same evidence that helped clear him, asked an appeals court to overturn the decision with bogus allegations of unauthorized access of a telecommunications system.

Armed with a grainy image of a telnet session—which the lower court already ruled was not proof of criminal activity—and testimony of an expert witness to the lower court—who never had access to the devices and systems involved in the alleged intrusion—prosecutors presented the theory that, by connecting to a router, Bini made partial unauthorized access in an attempt to break into a  system  provided by Ecuador’s national telecommunications company (CNT) to a presidency's contingency center.

If this all sounds familiar, that’s because it is. In an unfounded criminal case plagued by irregularities, delays, and due process violations, Ecuadorian prosecutors have for the last five years sought to prove Bini violated the law by allegedly accessing an information system without authorization.

Bini, who resides in Ecuador, was arrested at the Quito airport in 2019 without being told why. He first learned about the charges from a TV news report depicting him as a criminal trying to destabilize the country. He spent 70 days in jail and cannot leave Ecuador or use his bank accounts.

Bini prevailed in a trial last year before a three-judge panel. The core evidence the Prosecutor’s Office and CNT’s lawyer presented to support the accusation of unauthorized access to a computer, telematic, or telecommunications system was a printed image of a telnet session allegedly taken from Bini’s mobile phone.

The image shows the user requesting a telnet connection to an open server using their computer’s command line. The open server warns that unauthorized access is prohibited and asks for a username. No username is entered. The connection then times out and closes. Rather than demonstrating that Bini intruded into the Ecuadorean telephone network system, it shows the trail of someone who paid a visit to a publicly accessible server—and then politely obeyed the server's warnings about usage and access.

Bini’s acquittal was a major victory for him and the work of security researchers. By assessing the evidence presented, the court concluded that both the Prosecutor’s Office and CNT failed to demonstrate a crime had occurred. There was no evidence that unauthorized access had ever happened, nor anything to sustain the malicious intent that article 234 of Ecuador’s Penal Code requires to characterize the offense of unauthorized access.

The court emphasized the necessity of proper evidence to prove that an alleged computer crime occurred and found that the image of a telnet session presented in Bini’s case is not fit for this purpose. The court explained that graphical representations, which can be altered, do not constitute evidence of cybercrime since an image cannot verify whether the commands illustrated in it were actually executed. Building on technical experts' testimonies, the court said that what does not emerge, or what can't be verified from digital forensics, is not proper digital evidence.

Prosecutors appealed the verdict and are back in court using the same image that didn’t prove any crime was committed. At the March 26 hearing, prosecutors said their expert witness’s analysis of the telnet image shows there was connectivity to the router. The witness compared it to entering the yard of someone’s property to see if the gate to the property is open or closed. Entering the yard is analogous to connecting to the router, the witness said.

Actually, no. Our interpretation of the image, which was leaked to the media before Bini’s trial, is that it’s the internet equivalent of seeing an open gate, walking up to it, seeing a “NO TRESPASSING” sign, and walking away. If this image could prove anything it is that no unauthorized access happened.

Yet, no expert analysis was conducted in the systems allegedly affected. The  expert witness’s testimony was based on his analysis of a CNT report—he didn’t have access to the CNT router to verify its configuration. He didn’t digitally validate whether what was shown in the report actually happened and he was never asked to verify the existence of an IP address owned or managed by CNT.

That’s not the only problem with the appeal proceedings. Deciding the appeal is a panel of three judges, two of whom ruled to keep Bini in detention after his arrest in 2019 because there were allegedly sufficient elements to establish a suspicion against him. The detention was later considered illegal and arbitrary because of a lack of such elements. Bini filed a lawsuit against the Ecuadorian state, including the two judges, for violating his rights. Bini’s defense team has sought to remove these two judges from the appeals case, but his requests were denied.

The appeals court panel is expected to issue a final ruling in the coming days.  

After several years of litigation across the federal appellate courts, the U.S. Supreme Court in a unanimous opinion has finally crafted a test that lower courts can use to determine whether a government official engaged in “state action” such that censoring individuals on the official’s social media page—even if also used for personal purposes—would violate the First Amendment.

The case, Lindke v. Freed, came out of the Sixth Circuit and involves a city manager, while a companion case called O'Connor-Ratcliff v. Garnier came out of the Ninth Circuit and involves public school board members.

A Two-Part Test

The First Amendment prohibits the government from censoring individuals’ speech in public forums based on the viewpoints that individuals express. In the age of social media, where people in government positions use public-facing social media for both personal, campaign, and official government purposes, it can be unclear whether the interactive parts (e.g., comments section) of a social media page operated by someone who works in government amount to a government-controlled public forum subject to the First Amendment’s prohibition on viewpoint discrimination. Another way of stating the issue is whether a government official who uses a social media account for personal purposes is engaging in state action when they also use the account to speak about government business.  

As the Supreme Court states in the Lindke opinion, “Sometimes … the line between private conduct and state action is difficult to draw,” and the question is especially difficult “in a case involving a state or local official who routinely interacts with the public.”

The Supreme Court announced a fact-intensive test to determine if a government official’s speech on social media counts as state action under the First Amendment. The test includes two required elements:

• the official “possessed actual authority to speak” on the government’s behalf, and
• the official “purported to exercise that authority when he spoke on social media.”

Although the court’s opinion isn’t as generous to internet users as we had asked for in our amicus brief, it does provide guidance to individuals seeking to vindicate their free speech rights against government officials who delete their comments or block them outright.

This issue has been percolating in the courts since at least 2016. Perhaps most famously, the Knight First Amendment Institute at Columbia University and others sued then-president Donald Trump for blocking many of the plaintiffs on Twitter. In that case, the U.S. Court of Appeals for the Second Circuit affirmed a district court’s holding that President Trump’s practice of blocking critics from his Twitter account violated the First Amendment. EFF has also represented PETA in two cases against Texas A&M University.

Element One: Does the official possess actual authority to speak on the government’s behalf?

There is some ambiguity as to what specific authority the Supreme Court believes the government official must have. The opinion is unclear whether the authority is simply the general authority to speak officially on behalf of the public entity, or instead the specific authority to speak officially on social media. On the latter framing, the opinion, for example, discusses the authority “to post city updates and register citizen concerns,” and the authority “to speak for the [government]” that includes “the authority to do so on social media….” The broader authority to generally speak on behalf of the government would be easier to prove for plaintiffs and should always include any authority to speak on social media.

Element One Should Be Interpreted Broadly

We will urge the lower courts to interpret the first element broadly. As we emphasized in our amicus brief, social media is so widely used by government agencies and officials at all levels that a government official’s authority generally to speak on behalf of the public entity they work for must include the right to use social media to do so. Any other result does not reflect the reality we live in.

Moreover, plaintiffs who are being censored on social media are not typically commenting on the social media pages of low-level government employees, say, the clerk at the county tax assessor’s office, whose authority to speak publicly on behalf of their agency may be questionable. Plaintiffs are instead commenting on the social media pages of people in leadership positions, who are often agency heads or in elected positions and who surely should have the general authority to speak for the government.

“At the same time,” the Supreme Court cautions, “courts must not rely on ‘excessively broad job descriptions’ to conclude that a government employee is authorized to speak” on behalf of the government. But under what circumstances would a court conclude that a government official in a leadership position does not have such authority? We hope these circumstances are few and far between for the sake of plaintiffs seeking to vindicate their First Amendment rights.

When Does the Use of a New Communications Technology Become So “Well Settled” That It May Fairly Be Considered Part of a Government Official’s Public Duties?

If, on the other hand, the lower courts interpret the first element narrowly and require plaintiffs to provide evidence that the government official who censored them had authority to speak on behalf of the agency on social media specifically, this will be more difficult to prove.

One helpful aspect of the court’s opinion is that the government official’s authority to speak (however that’s defined) need not be written explicitly in their job description. This is in contrast to what the Sixth Circuit had, essentially, held. The authority to speak on behalf of the government, instead, may be based on “persistent,” “permanent,” and “well settled” “custom or usage.”  

We remain concerned, however, that if there is a narrower requirement that the authority must be to speak on behalf of the government via a particular communications technology—in this case, social media—then at what point does the use of a new technology become so “well settled” for government officials that it is fair to conclude that it is within their public duties?

Fortunately, the case law on which the Supreme Court relies does not require an extended period of time for a government practice to be deemed a legally sufficient “custom or usage.” It would not make sense to require an ages-old custom and usage of social media when the widespread use of social media within the general populace is only a decade and a half old. Ultimately, we will urge lower courts to avoid this problem and broadly interpret element one.

Government Officials May Be Free to Censor If They Speak About Government Business Outside Their Immediate Purview

Another problematic aspect of the Supreme Court’s opinion within element one is the additional requirement that “[t]he alleged censorship must be connected to speech on a matter within [the government official’s] bailiwick.”

The court explains:

For example, imagine that [the city manager] posted a list of local restaurants with health-code violations and deleted snarky comments made by other users. If public health is not within the portfolio of the city manager, then neither the post nor the deletions would be traceable to [his] state authority—because he had none.

But the average constituent may not make such a distinction—nor should they. They would simply see a government official talking about an issue generally within the government’s area of responsibility. Yet under this interpretation, the city manager would be within his right to delete the comments, as the constituent could not prove that the issue was within that particular government official’s purview, and they would thus fail to meet element one.

Element Two: Did the official purport to exercise government authority when speaking on social media? Plaintiffs Are Limited in How a Social Media Account’s “Appearance and Function” Inform the State Action Analysis

In our brief, we argued for a functional test, where state action would be found if a government official were using their social media account in furtherance of their public duties, even if they also used that account for personal purposes. This was essentially the standard that the Ninth Circuit adopted, which included looking at, in the words of the Supreme Court, “whether the account’s appearance and content look official.” The Supreme Court’s two-element test is more cumbersome for plaintiffs. But the upside is that the court agrees that a social media account’s “appearance and function” is relevant, even if only with respect to element two.

Reality of Government Officials Using Both Personal and Official Accounts in Furtherance of Their Public Duties Is Ignored

Another problematic aspect of the Supreme Court’s discussion of element two is that a government official’s social media page would amount to state action if the page is the “only” place where content related to government business is located. The court provides an example: “a mayor would engage in state action if he hosted a city council meeting online by streaming it only on his personal Facebook page” and it wasn’t also available on the city’s official website. The court further discusses a new city ordinance that “is not available elsewhere,” except on the official’s personal social media page. By contrast, if “the mayor merely repeats or shares otherwise available information … it is far less likely that he is purporting to exercise the power of his office.”

This limitation is divorced from reality and will hamstring plaintiffs seeking to vindicate their First Amendment rights. As we showed extensively in our brief (see Section I.B.), government officials regularly use both official office accounts and “personal” accounts for the same official purposes, by posting the same content and soliciting constituent feedback—and constituents often do not understand the difference.

Constituent confusion is particularly salient when government officials continue to use “personal” campaign accounts after they enter office. The court’s conclusion that a government official “might post job-related information for any number of personal reasons, from a desire to raise public awareness to promoting his prospects for reelection” is thus highly problematic. The court is correct that government officials have their own First Amendment right to speak as private citizens online. However, their constituents should not be subject to censorship when a campaign account functions the same as a clearly official government account.

An Upside: Supreme Court Denounces the Blocking of Users Even on Mixed-Use Social Media Accounts

One very good aspect of the Supreme Court’s opinion is that if the censorship amounted to the blocking of a plaintiff from engaging with the government official’s social media page as a whole, then the plaintiff must merely show that the government official “had engaged in state action with respect to any post on which [the plaintiff] wished to comment.”  

The court further explains:

The bluntness of Facebook’s blocking tool highlights the cost of a “mixed use” social-media account: If page-wide blocking is the only option, a public of­ficial might be unable to prevent someone from commenting on his personal posts without risking liability for also pre­venting comments on his official posts. A public official who fails to keep personal posts in a clearly designated per­sonal account therefore exposes himself to greater potential liability.

We are pleased with this language and hope it discourages government officials from engaging in the most egregious of censorship practices.

The Supreme Court also makes the point that if the censorship was the deletion of a plaintiff’s individual comments under a government official’s posts, then those posts must each be analyzed under the court’s new test to determine whether a particular post was official action and whether the interactive spaces that accompany it are government forums. As the court states, “it is crucial for the plaintiff to show that the official is purporting to exercise state authority in specific posts.” This is in contrast to the Sixth Circuit, which held, “When analyzing social-media activity, we look to a page or account as a whole, not each individual post.”

The Supreme Court’s new test for state action unfortunately puts a thumb on the scale in favor of government officials who wish to censor constituents who engage with them on social media. However, the test does chart a path forward on this issue and should be workable if lower courts apply the test with an eye toward maximizing constituents’ First Amendment rights online.

On February 8, François-Philippe Champagne, the Canadian Minister of Innovation, Science and Industry, announced Canada would ban devices used in keyless car theft. The only device mentioned by name was the Flipper Zero—the multitool device that can be used to test, explore, and debug different wireless protocols such as RFID, NFC, infrared, and Bluetooth.

EFF explores toilet hacking

While it is useful as a penetration testing device, Flipper Zero is impractical in comparison to other, more specialized devices for car theft. It’s possible social media hype around the Flipper Zero has led people to believe that this device offers easier hacking opportunities for car thieves*. But government officials are also consuming such hype. That leads to policies that don’t secure systems, but rather impedes important research that exposes potential vulnerabilities the industry should fix. Even with Canada walking back on the original statement outright banning the devices, restricting devices and sales to “move forward with measures to restrict the use of such devices to legitimate actors only” is troublesome for security researchers.

This is not the first government seeking to limit access to Flipper Zero, and we have explained before why this approach is not only harmful to security researchers but also leaves the general population more vulnerable to attacks. Security researchers may not have the specialized tools car thieves use at their disposal, so more general tools come in handy for catching and protecting against vulnerabilities. Broad purpose devices such as the Flipper have a wide range of uses: penetration testing to facilitate hardening of a home network or organizational infrastructure, hardware research, security research, protocol development, use by radio hobbyists, and many more. Restricting access to these devices will hamper development of strong, secure technologies.

When Brazil’s national telecoms regulator Anatel refused to certify the Flipper Zero and as a result prevented the national postal service from delivering the devices, they were responding to media hype. With a display and controls reminiscent of portable video game consoles, the compact form-factor and range of hardware (including an infrared transceiver, RFID reader/emulator, SDR and Bluetooth LE module) made the device an easy target to demonize. While conjuring imagery of point-and-click car theft was easy, citing examples of this actually occurring proved impossible. Over a year later, you’d be hard-pressed to find a single instance of a car being stolen with the device. The number of cars stolen with the Flipper seems to amount to, well, zero (pun intended). It is the same media hype and pure speculation that has led Canadian regulators to err in their judgment to ban these devices.

Still worse, law enforcement in other countries have signaled their own intentions to place owners of the device under greater scrutiny. The Brisbane Times quotes police in Queensland, Australia: “We’re aware it can be used for criminal means, so if you’re caught with this device we’ll be asking some serious questions about why you have this device and what you are using it for.” We assume other tools with similar capabilities, as well as Swiss Army Knives and Sharpie markers, all of which “can be used for criminal means,” will not face this same level of scrutiny. Just owning this device, whether as a hobbyist or professional—or even just as a curious customer—should not make one the subject of overzealous police suspicions.

It wasn’t too long ago that proficiency with the command line was seen as a dangerous skill that warranted intervention by authorities. And just as with those fears of decades past, the small grain of truth embedded in the hype and fears gives it an outsized power. Can the command line be used to do bad things? Of course. Can the Flipper Zero assist criminal activity? Yes. Can it be used to steal cars? Not nearly as well as many other (and better, from the criminals’ perspective) tools. Does that mean it should be banned, and that those with this device should be placed under criminal suspicion? Absolutely not.

We hope Canada wises up to this logic, and comes to view the device as just one of many in the toolbox that can be used for good or evil, but mostly for good.

*Though concerns have been raised about Flipper Devices' connection to the Russian state apparatus, no unexpected data has been observed escaping to Flipper Devices' servers, and much of the dedicated security and pen-testing hardware which hasn't been banned also suffers from similar problems.

This post was drafted by EFF legal intern Alissa Johnson.

EFF signed on to an amicus brief drafted by the National Association of Criminal Defense Lawyers earlier this month petitioning the Oregon Supreme Court to review State v. Simons, a case involving law enforcement surveillance of over a year’s worth of private internet activity. We ask that the Court join the Ninth Circuit in recognizing that people have a reasonable expectation of privacy in their browsing histories, and that checking a box to access public Wi-Fi does not waive Fourth Amendment rights.

Mr. Simons was convicted of downloading child pornography after police warrantlessly captured his browsing history on an A&W restaurant’s public Wi-Fi network, which he accessed from his home across the street. The network was not password-protected but did require users to agree to an acceptable use policy, which noted that while web activity would not be actively monitored under normal circumstances, A&W “may cooperate with legal authorities.” A private consultant hired by the restaurant noticed a device on the network accessing child pornography sites and turned over logs of all of the device’s unencrypted internet activity, both illegal and benign, to law enforcement.

The Court of Appeals asserted that Mr. Simons had no reasonable expectation of privacy in his browsing history on A&W’s free Wi-Fi network. We disagree.

Browsing history reveals some of the most sensitive personal information that exists—the very privacies of life that the Fourth Amendment was designed to protect. It can allow police to uncover political and religious affiliation, medical history, sexual orientation, or immigration status, among other personal details. Internet users know how much of their private information is exposed through browsing data, take steps to protect it, and expect it to remain private.

Courts have also recognized that browsing history offers an extraordinarily detailed picture of someone’s private life. In Riley v. California, the Supreme Court cited browsing history as an example of the deeply private information that can be found on a cell phone. The Ninth Circuit went a step further in holding that people have a reasonable expectation of privacy in their browsing histories.

People’s expectation of privacy in browsing history doesn’t disappear when tapping “I Agree” on a long scroll of Terms of Service to access public Wi-Fi. Private businesses monitoring internet activity to protect their commercial interests does not license the government to sidestep a warrant requirement, or otherwise waive constitutional rights.

The price of participation in public society cannot be the loss of Fourth Amendment rights to be free of unreasonable government infringement on our privacy. As the Supreme Court noted in Carpenter v. United States, “A person does not surrender all Fourth Amendment protection by venturing into the public sphere.” People cannot negotiate the terms under which they use public Wi-Fi, and in practicality have no choice but to accept the terms dictated by the network provider.

The Oregon Court of Appeals’ assertion that access to public Wi-Fi is convenient but not necessary for participation in modern life ignores well-documented inequalities in internet access across race and class. Fourth Amendment rights are for everyone, not just those with private residences and a Wi-Fi budget.

Allowing private businesses’ Terms of Service to dictate our constitutional rights threatens to make a “crazy quilt” of the Fourth Amendment, as the U.S. Supreme Court pointed out in Smith v. Maryland. Pinning constitutional protection to the contractual provisions of private parties is absurd and impracticable. Almost all of us rely on Wi-Fi outside of our homes, and that access should be protected against government surveillance.

We hope that the Oregon Supreme Court accepts Mr. Simons’ petition for review to address the important constitutional questions at stake in this case.

EFF welcomes the latest and long-awaited policy advisory opinion from Meta’s Oversight Board calling on the company to end its blanket ban on the use of the Arabic-language term “shaheed” when referring to individuals listed under Meta’s policy on dangerous organizations and individuals and calls on Meta to fully implement the Board’s recommendations.

Since the Meta Oversight Board was created in 2020 as an appellate body designed to review select contested content moderation decisions made by Meta, we’ve watched with interest as the Board has considered a diverse set of cases and issued expert opinions aimed at reshaping Meta’s policies. While our views on the Board's efficacy in creating long-term policy change have been mixed, we have been happy to see the Board issue policy recommendations that seek to maximize free expression on Meta properties.

The policy advisory opinion, issued Tuesday, addresses posts referring to individuals as 'shaheed' an Arabic term that closely (though not exactly) translates to 'martyr,' when those same individuals have previously been designated by Meta as 'dangerous' under its dangerous organizations and individuals policy. The Board found that Meta’s approach to moderating content that contains the term to refer to individuals who are designated by the company’s policy on “dangerous organizations and individuals”—a policy that covers both government-proscribed organizations and others selected by the company— substantially and disproportionately restricts free expression.

The Oversight Board first issued a call for comment in early 2023, and in April of last year, EFF partnered with the European Center for Not-for-Profit Law (ECNL) to submit comment for the Board’s consideration. In our joint comment, we wrote:

The automated removal of words such as ‘shaheed’ fail to meet the criteria for restricting users’ right to freedom of expression. They not only lack necessity and proportionality and operate on shaky legal grounds (if at all), but they also fail to ensure access to remedy and violate Arabic-speaking users’ right to non-discrimination.

In addition to finding that Meta’s current approach to moderating such content restricts free expression, the Board noted thate importance of any restrictions on freedom of expression that seek to prevent violence must be necessary and proportionate, “given that undue removal of content may be ineffective and even counterproductive.”

We couldn’t agree more. We have long been concerned about the impact of corporate policies and government regulations designed to limit violent extremist content on human rights and evidentiary content, as well as journalism and art. We have worked directly with companies and with multi stakeholder initiatives such as the Global Internet Forum to Counter Terrorism, Tech Against Terrorism, and the Christchurch Call to ensure that freedom of expression remains a core part of policymaking.

In its policy recommendation, the Board acknowledges the importance of Meta’s ability to take action to ensure its platforms are not used to incite violence or recruit people to engage in violence, and that the term “shaheed” is sometimes used by extremists “to praise or glorify people who have died while committing violent terrorist acts.” However, the Board also emphasizes that Meta’s response to such threats must be guided by respect for all human rights, including freedom of expression. Notably, the Board’s opinion echoes our previous demands for policy changes, as well as those of the Stop Silencing Palestine campaign initiated by nineteen digital and human rights organizations, including EFF.

We call on Meta to implement the Board’s recommendations and ensure that future policies and practices respect freedom of expression.

*This interview has been edited for length and clarity. 

Robert Ssempala is a longtime press freedom and social justice advocate. He serves as Executive Director at Human Rights Network for Journalists-Uganda, a network of journalists in Uganda working towards enhancing the promotion, protection, and respect of human rights through defending and building the capacities of journalists, to effectively exercise their constitutional rights and fundamental freedoms for collective campaigning through the media. Under his leadership, his organization has supported hundreds of journalists who have been assaulted, imprisoned, and targeted in the course of their work. 

 York: What does free speech or free expression mean to you?

 It means being able to give one’s opinions and ideas freely without fear of reprisals or without fearing facing criminal sanctions, and without being concerned about how another feels about their ideas or opinions. Sometimes even if it’s offensive, it’s one’s opinion. For me, it’s entirely how one wants to express themselves that is all about having the liberty to speak freely.

 York: What are the qualities that make you passionate about free expression?

 For me, it is the light for everyone when they’re able to give their ideas and opinions. It is having a sense of liberty to have an idea. I am very passionate about listening to ideas, about everyone getting to speak what they feel is right. The qualities that make me passionate about it are that, first, I’m from a media background. So, during that time I learned that we are going to receive the people’s ideas and opinions, disseminate them to the wider public, and there will be feedback from the public about what has come out from one side to the other. And that quality is so dear to my heart. And second, it is a sense of freedom that is expressed at all levels, in any part of the country or the world, being the people’s eyes and ears, especially at their critical times of need.

 York: I want to ask you more about Uganda. Can you give us a short overview of what the situation for speech is like in the country right now?

 The climate in Uganda is partly free and partly not free, depending on the nature of the issues at hand. Those that touch civil and political rights are very highly restricted and it has attracted so many reprisals for those that seek to express themselves that way. I work for the Human Rights Network for Journalists-Uganda (HRNJ-Uganda) which is a non-governmental media rights organization, so we monitor and document annually the incidents, trends, and patterns touching freedom of expression and journalists’ rights. Most of the cases that we have received, documented, and worked on are stemming from civil and political rights. We receive less of those that touch economic, social, and cultural rights. So depending on where you’re standing, those media houses and journalists that are critically independent and venture into investigative practices are highly targeted. They have been attacked physically, their gadgets have been confiscated and sometimes even damaged deliberately. Some have lost their jobs under duress because a majority of media ownership in this country is by the political class or lean toward the ruling political party. As such, they want to be seen to be supportive of the regime, so they kind of tighten the noose on all freedom of expression spaces within media houses and prevail over their journalists. This by any measure has led to heightened self-censorship.

 But also, those journalists that seem to take critical lines are targeted. Some are even blacklisted. We can say that from the looks of things that times around political campaigns and elections are the tightest for freedom of expression in this country, and most cases have been reported around such times. We normally have elections every five years. So every three years after an election electioneering starts. And that’s when we see a lot of restrictions coming from the government through its regulation bodies like the Uganda Communications Commission, which is the communications regulator in my country. Also from the Media Council of Uganda, which was put in place by an act of Parliament to oversee the practices of media. And from the police or security apparatus in this country. So it’s a very fragile environment within which to practice. The journalists operate under immense fear and there are very high levels of censorship. The law has increasingly been used to criminalize free speech. That’s how I’d describe the current environment.

 York: I understand that the Computer Misuse Act as well as cybercrime legislation have been used to target journalists. Have you or any of your clients experienced censorship through abuse of computer crime laws?

 We have a very Draconian law called the Computer Misuse Amendment Act. It was amended just last year to make it even worse. It has been now the walking stick of the proponents of the regime that don’t want to be subjected to public scrutiny, that don’t want to be held accountable politically in their offices. So abuses of public trust and power of their offices are hidden under the Computer Misuse Amendment Act. And most journalists, most editors, most managers have been, from time to time, interrogated at the Criminal Investigations Directorate of the police over what they have written about the powerful personalities especially in the political class – sometimes even from the business class – but mainly it’s from the political class. So it is used to insulate the powerful from being held accountable. Sadly, most of these cases are politically motivated. Most of them have not even ended up in courts of law, but have been used to open up charges against the media practitioners who have, from time to time, kept reporting and answering to the police for a long time without being presented to court or that are presented at a time when they realize that the journalists in question are becoming a bit unruly. So these laws are used to contain the journalists.

 Since most of the stories that have been at the highlight of the regime have been factual, they have not had reason to run to Court, but the effect of this is very counterproductive to the journalists’ independence, to their ability to concentrate on more stories – because they’re always thinking about these cases pending before them. Also, media houses now become very fearful and learn how to behave to not be in many cases of that nature. So the Computer Misuse Act, criminal defamation and now the most recent one, the Anti-Homosexuality Act (AHA) – which was passed by Parliament with very drastic clauses– are clawback legislation for press freedom in Uganda. The AHA in itself fundamentally affected the practice of journalism. The legislation falls short of drawing a clear distinction between what amounts to promotion or education [with regards to sharing material related to homosexuality]. Yet one of the crucial roles of the media is to educate the population about many things, but here, it’s not clear when the media is promoting and when it is educating. So it wants to slap a blackout completely on when you’re discussing the LGBTQI+ issues in the country. So, this law is very ambiguous and therefore susceptible to abuse at the expense of freedom speech

 And it also introduces very drastic sanctions. For instance, if one writes about homosexuality their media operating license is revoked for ten years. And I’m sure no media house can stand up again after ten years of closure and can still breathe life. Also, the AHA generalizes the practice of an individual journalist. If, for instance, one of your journalists writes something that the law looks at as against it, the entire media house license is revoked for ten years, but also you’re imprisoned for five years – you as the writer. In addition, you receive a hefty fine of the equivalent of 1 billion Uganda shillings, that’s about 250,000 euros. Which is really too much for any media house operating in Uganda.

 So that alone has created a lot of fear to discuss these issues, even when the law was passed in such a rushed manner with total disregard for the input of key stakeholders like the media, among others. As a media rights organization, we had looked at the draft bill and we were planning to make a presentation before the Parliamentary Committee. But within a week they closed all public hearings opinions, which limited the space for engagement. Within a few days the law had been written, presented again, and then assented to by the President. No wonder it’s being challenged in the Constitutional Court. This is the second time actually that such a law has been challenged. Of course, there are many other laws, like the Anti-Terrorism Act, which has not clearly defined the role of a journalist who speaks to a person who engages in subversive activities as terrorism. Where the law presupposes that before interviewing a person or before hosting them in your shows, you must have done a lot of background checks to make sure they have not engaged in such terrorism acts. So if you do not, the law here presses a criminal liability on the talk show host for promoting and abetting terrorism. And if there’s a conviction, the ultimate punishment is being sentenced to death. So these couple of laws are really used to curtail freedom of expression.

 York: Wow, that’s incredible. I understand how this impacts media houses, but what would you say the impact is on ordinary citizens or individual activists, for example?

 Under the Computer Misuse Amendment Act, the amended Act is restrictive and inhibitive to freedom of expression in regards to citizen journalism. It introduces such stringent conditions, like, if I’m going to record a video of you, say that I’m a journalist, citizen journalist or an activist who is not working for a media house, I must seek your permission before I record you in case you’re committing a crime. The law presupposes that I have no right to record you and later on disseminate the video without your explicit permission. Notably, the law is silent on the nature of the admissible permission, whether it is an email, SMS, WhatsApp, voice note, written note, etc. Also, the law presupposes that before I send you such a video, I must seek for your permission as the intended recipient of the said message. For instance, if I send you an email and you think you don’t need it, you can open a case against me for sending you unsolicited information. Unsolicited information – that’s the word that’s used.

 So the law is so amorphous in this nature that it completely closes out the liberty of a free society where citizens can engage in discussions, dialogues, or give opinions or ideas. For instance, I could be a very successful farmer, and I think the public could benefit from my farming practices, and I record a lot of what I do and I disseminate those videos. Somebody who receives this, wherever they are, can run to court and use this amended Computer Misuse Act to open up charges against me. And the fines are also very hefty compared to the crimes that the law talks about. So it is so evident that the law is killing citizen journalism, dissent, and activism at all levels. The law does not seem to cater to a free society where the individual citizens can express themselves at any one time, can criticize their leaders, and can hold them accountable. In the presence of this law, we do not have a society that can hold anyone accountable or that can keep the powerful in check. So the spirit of the law is bad. The powerful fence themselves off from the ordinary citizens that are out there watching and not able to track their progress of things or raise red flags through the different social media platforms. But we have tried to challenge this law. There is a group of us, 13 individual activists and CSOs that have gone to the Constitutional Court to say, “this law is counterproductive to freedom of expression, democracy, rule of law and a free society.” We believe that the court will agree with us given its key function of promoting human rights, good governance, democracy, and the rule of law.

 York: That was my next question- I was going to ask how are people fighting against these laws?

 People are very active in terms of pushing back and to that extent we have many petitions that are in court. For instance, the Computer Misuse Amendment is being challenged. We had the Anti-pornographic Act of 2014 which was so amorphous in its nature that it didn’t clearly define what actually amounts to pornography. For instance, if I went around people in a swimming pool in their swimming trunks and took photos and carried those in the newspaper or on TV, that would be promoting pornography. So that was counterproductive to journalism so we went to court. And, fortunately, a court ruled in our favor. So the citizens are really up in arms to fight back because that’s the only way we can have civic engagements that are not restricted through a litany of such laws. There has been civic participation and engagement through mass media, dialogues with key actors, among others. However, many fear to speak out due to fear of reprisals, having seen the closure of media houses, the arrest and detention of activists and journalists, and the use of administrative sanctions to curtail free expression.

 York: Are there ways in which international groups and activists can stand in solidarity with those of you who are fighting back against these laws?

 There’s a lot of backlash on organizations, especially local ones, that tend to work a lot with international organizations. The government seems to be so threatened by the international eye as compared to local eyes, because recently it banned the UN Human Rights Office. They had to wind up business and leave the country. Also, the offices of the Democratic Governance Facility (DGF), which was a basket of embassies and the EU that were the biggest funding entity for the civil society. And actually for the government, too, because they were empowering citizens, you know, empowering the demand side to heighten its demand for services from the supply side. The government said no and they had to wind up their offices and leave. This has severely crippled the work of civil society, media, and, generally, governance.

The UN played an important role before they left and we now have that gap. Yet this comes at a time when our national Uganda Human Rights Commission is at its weakest due to a number of structural challenges characterizing it. The current leadership of the Commission is always up in arms against the political opposition for accusing government of committing human rights excesses against its members. So we do our best to work with international organizations through sharing our voices. We have an African Hub, like the African IFEX, where the members try to replicate voices from here. In that nature we do try a lot, but it’s not very easy for them to come here and do their practices. Just like you will realize a lot of foreign correspondents, foreign journalists, who work in Uganda are highly restricted. It’s a tug of war to have their licenses renewed. Because it’s politically handled. It was taken away from the professional body of the Media Council of Uganda to the Media Centre of Uganda, which is a government mouthpiece.  So for the critical foreign correspondents their licenses are rarely renewed. When it comes to election times most of them are blocked from even coming here to cover the elections. The international media development bodies can help to build capacities of our media development organizations, facilitate research, provide legal aid support, and engage the government on the excesses of the security forces and some emergency responses for victims, among others.

 York: Is there anything that I didn’t ask that you’d like to share with our readers?

 One thing I was to add is about trying to have an international focus on Uganda in the build up to elections. There’s a lot of havoc that happens to the citizens, but most importantly, to the activists and human rights defenders. Either cultural activists or media activists- a lot happens. And most of these things are not captured well because it is prior to the peak of campaigns or there is fear by the local media of capturing such situations. So by the time we get international attention, sometimes the damage is really too irreparable and a lot has happened. As opposed to if there was that international focus from the world. To me, that should really be captured because it would mitigate a lot that has happened.