Tag: privacy

Ninth Circuit Rules ISPs Can’t Be Forced to Unmask Users Under DMCA

The Ninth Circuit has ruled that internet service providers cannot be compelled to unmask users through subpoenas under the DMCA, reinforcing long-standing precedent that these subpoenas were never meant to apply to providers that simply offer access to the internet.

The decision blocks an increasingly common tactic copyright owners use to sidestep due process and extract user identities without judicial oversight.

We obtained a copy of the opinion for you here.

The case came about after a copyright owner targeted 29 Cox Communications subscribers accused of sharing the film Fall (2022) through BitTorrent. Rather than filing a lawsuit or seeking a judge’s permission, the copyright holder went straight to a court clerk to obtain a subpoena.

Although Cox was under no obligation to do so, the company notified the affected subscribers. Only one responded to object, triggering a legal dispute that has now resulted in a firm ruling from the Ninth Circuit.

The dispute is a simple but critical distinction. The DMCA outlines separate protections depending on the type of service provided.

Web hosts fall under Section 512(c) and can receive takedown notices for content they store, while IAPs are covered under Section 512(a), which protects them from liability as long as they are acting as neutral conduits for internet traffic.

Keep reading

JD Vance Stops UK Apple Backdoor Order Threatening Americans’ Privacy

Vice President J.D. Vance played a decisive role in persuading the United Kingdom to drop its demand that Apple provide the government with a “backdoor” into personal user data, according to U.S. officials.

The negotiations followed months of quiet but direct engagement between American and British leaders on the matter, as reported by Fox News.

A U.S. official told Fox News Digital that Vance was “in charge and was personally involved in negotiating a deal, including having direct conversations with the British government.”

The official said Vance worked with U.K. partners to negotiate “a mutually beneficial understanding” that led the British government to withdraw the order.

The agreement, the official added, ensures “each country’s sovereignty while maintaining close cooperation on data sharing.”

The vice president’s background in technology, along with his stated commitment to privacy rights and the U.S.-U.K. alliance, shaped his involvement.

Keep reading

Civil liberties group opposes Garda access to messages

Plans to force encrypted messaging apps like WhatsApp and Signal to give Gardaí access to private conversations would “profoundly undermine” digital security, the Irish Council for Civil Liberties (ICCL) has said.

In a statement issued this week, the group said cybersecurity experts were unanimous that so-called “backdoors” for law enforcement could not be created without also leaving users vulnerable to hackers and malicious actors.

“It is impossible to create ‘backdoor’ access pathways for law enforcement that can’t also be exploited,” the organisation said.

The ICCL added that encryption protects not only personal conversations but also online banking, shopping and wider digital activity.

“We all rely on encryption to safeguard our sensitive personal data when browsing, communicating or doing business online,” it said.

“Forcing companies to break their own encryption would profoundly undermine our digital security, as well as our fundamental rights to privacy and data protection.”

The council cited the position of the United Nations and the European Court of Human Rights in opposing laws that compromise encryption. It also highlighted the recent example of the UK government withdrawing a demand for Apple to install a backdoor into its cloud services, after the company refused.

“Apple stated it had never built – and never would build – backdoor access into any of its encrypted products,” the ICCL noted.

“Instead, Apple disabled its advanced data protection service in the UK and challenged the order in court.”

The group urged Justice Minister Jim O’Callaghan to reconsider his planned legislation, describing the proposals as “neither proportionate nor technically sound.”

It called for “transparent consultation with cybersecurity experts, civil society and technologists before proposing any legislation that could irreversibly damage digital privacy and cybersecurity.”

Last month, O’Callaghan told an audience that Gardaí must have powers to intercept modern communications.

“None of us would like to imagine living in a surveillance State,” he said.

Keep reading

Supreme Court Allows Mississippi Age Verification Law to Take Effect, Advancing Online Digital ID Push

The Supreme Court’s choice to let Mississippi enforce its new age verification law is part of a growing shift toward digital ID requirements across the internet, raising urgent concerns about privacy and censorship.

By declining to block the law while legal challenges continue, the Court has effectively allowed states to begin tying online activity to users’ real-world identities, a move that could reshape how people access information and speak freely online.

We obtained a copy of the ruling for you here.

Mississippi’s HB 1126 requires social media platforms to verify a user’s age before allowing them to create an account. Those under 18 must obtain parental permission. Platforms are also required to restrict access to what the state broadly labels as “harmful” content. For companies to comply, identity checks will be necessary, meaning users may soon need to provide government IDs or other personal documents just to post or view content on public platforms.

The Supreme Court has already allowed a similar Texas law to be enforced.

Justice Brett Kavanaugh, writing separately from the Court’s unsigned order, stated that the law is “likely unconstitutional” and said NetChoice had “likely” shown that enforcement would violate the First Amendment. Still, the Court allowed the law to take effect, saying the trade group had not shown a strong enough risk of harm to justify emergency relief.

NetChoice, which includes companies such as Meta, Google, Amazon, Reddit, and Discord, argues that mandatory age checks for general-purpose platforms violate free speech protections. The group had previously won a ruling to block the law, but that decision was overturned in April by the Fifth Circuit Court of Appeals.

Paul Taske, co-director of the NetChoice Litigation Center, said the ruling was a delay, not a defeat. “Although we’re disappointed with the Court’s decision, Justice Kavanaugh’s concurrence makes clear that NetChoice will ultimately succeed in defending the First Amendment — not just in this case but across all NetChoice’s ID-for-Speech lawsuits,” he said.

Keep reading

Tornado Cash Co-Founder Roman Storm Convicted, Raising Fears for Privacy Rights and Open-Source Development

Roman Storm’s guilty verdict is sending shockwaves through privacy advocates and the open-source development community, with many warning it could change how the US criminal justice system treats creators of decentralized tools.

A federal jury in New York on August 6 convicted the Tornado Cash co-founder of operating an unlicensed money-transmitting business, a charge that could carry up to five years in prison. Jurors could not agree on two other allegations, conspiracy to launder money and conspiracy to breach US sanctions, leaving prosecutors the option to bring those charges to trial again.

Tornado Cash, launched in 2019 by Storm along with Alexey Pertsev and Roman Semenov, was designed to obscure the origins of cryptocurrency transactions and give users financial privacy.

Although the protocol never took control of user funds, US authorities claimed it had been exploited for laundering illicit proceeds and sanctioned it before later reversing that decision in March. Pertsev is facing trial in the Netherlands, Semenov is still wanted by the FBI, and Storm’s arrest took place a year after Pertsev’s.

In September 2024, Judge Katherine Failla allowed the case to move forward, ruling that Tornado Cash met the definition of a money transmitter under federal law and should have followed Anti-Money Laundering and Know Your Customer rules. Privacy supporters have long argued that holding developers accountable for the actions of users, particularly when they lack the technical ability to intervene, creates a dangerous precedent.

The Blockchain Association, a crypto policy group, called the decision “a dangerous precedent for open-source software developers.”

In an earlier amicus brief, it said Storm had no custody or control over the funds moving through Tornado Cash and warned the ruling could lead to criminal charges against creators of browsers, messaging apps, or other tools if those were misused.

Keep reading

The Government Is Not Your Friend

This week’s guilty verdict for Roman Storm on the count of conspiracy to operate an unlicensed money service business is absolutely insane.

FinCEN, the regulator responsible for licensing, monitoring, and enforcement actions concerning criminal activity in money transmission has itself explicitly stated that self-custodial tooling that facilitates the transmission of value using cryptocurrencies are not money transmitters and are not subject to the relevant regulations.

So, how did we get here? Eight months after the election of a president who describes himself as a Bitcoin and cryptocurrency advocate, after the Department of Justice themselves have explicitly stated that they are not going to engage in regulation by prosecution, or prosecute mixing services, how was Roman Storm found guilty?

There is nothing to describe this situation except pure, unbridled insanity. Incoherence. Hypocrisy and contradiction. There is a lesson here, though, one that I think it’s time more people in this space learn. 

The government’s word is worthless. It means nothing. 

They will continue cracking down on privacy, they will continue pushing KYC surveillance through things like the GENIUS Act and through the backdoor, applying them to just stablecoins (for now). They will continue treating the desire for privacy as evidence of criminal intent. They will do all these things while talking out of the other side of their mouth about supporting Bitcoiners and the “importance of self custody.” 

This is what the government does. This is what politicians do. It is inherent in their very nature. 

We need to stop treating these people as our friends. We need to stop pretending and lying to ourselves that they can be won over and become powerful allies to push the values and tools that we wish to see in the world. They are not our friends. They will not become allies, sharing a common cause with us. They are our enemies. 

It is time to stop pretending. These people must be treated as hostile, and dealt with as such. 

We need to stop begging them for clauses and riders in bills. We need to take them to court. We need to stop kissing their ass and pandering to their egos and notion of public persona. We need to call them out as the two-faced spineless people they are. 

If there is any legitimacy whatsoever to the legal foundations of the United States government, we do not need new laws, we do not need these people’s permission — we have the Constitution. Remind them of that in court. 

If, at the end of all of that, this system is so corrupt and hypocritical that it functionally ignores the constitutional rights of Americans (and non-Americans), then we need to ignore them.

Keep reading

Bipartisan bill would require IRS to notify taxpayer if seeking private financial info

Taxpayers will have more control over how the Internal Revenue Service acquires their personal information if a newly-introduced bill becomes law.

The bipartisan Taxpayer Notification and Privacy Act, brought forward Thursday by Sens. John Barrasso, R-Wyo., and Raphael Warnock, D-Ga., would require the IRS to inform taxpayers of the exact tax information it plans to seek from third parties, such as employers or banks, at least 45 days before doing so.

During that time period, taxpayers would have the option to provide the IRS directly with their personal financial information (used to calculate whether a person owes taxes) rather than have third parties – such as their bank or employer – do so.

According to Warnock and Barrasso, the bill is meant to protect taxpayer privacy and reputation and increase IRS transparency.

“[T]axpayers shouldn’t have to worry about the Internal Revenue Service (IRS) soliciting personal financial information behind their backs. They deserve to have the option to provide this sensitive information to the IRS directly,” Barrasso said.

“By providing that opportunity, our bipartisan bill will safeguard the reputation of taxpayers and small business owners across the country. It will also force the IRS to be as transparent as possible when it comes to the privacy of hardworking Americans,” he added.

Currently, if the IRS contacts third parties for tax information, it needs to notify the taxpayer that it is doing so, but it does not need to reveal which information it is seeking or from which entities. If passed, the bill would change that within 12 months of its being enacted.

The bill does include an exception, however. If the IRS determined that the information sought from a third party “is necessary notwithstanding whether the taxpayer could independently provide such information,” the IRS would not be subject to the extra reporting requirements stipulated by the bill.

Keep reading

“Chat Control” – EU Proposal To Scan All Private Messages Gains Momentum

A controversial European Union proposal dubbed “Chat Control” is regaining momentum, with 19 out of 27 EU member states reportedly backing the measure.

The plan would mandate that messaging platforms, including WhatsApp, Signal and Telegram, must scan every message, photo and video sent by users starting in October, even if end-to-end encryption is in place, popular French tech blogger Korben wrote on Monday.

Denmark reintroduced the proposal on July 1, the first day of its EU Council presidency. France, once opposed, is now in favor, Korben said, citing Patrick Breyer, a former member of the European Parliament for Germany and the European Pirate Party.

Belgium, Hungary, Sweden, Italy and Spain are also in favor, while Germany remains undecided. However, if Berlin joins the majority, a qualified council vote could push the plan through by mid-October, Korben said.

A qualified majority in the EU Council is achieved when two conditions are met. First, at least 55 percent of member states, meaning 15 out of 27, must vote in favor. Second, those countries must represent at least 65% of the EU’s total population.

Keep reading

Germany Turns Its Back on Decades‑Old Privacy Protections with Sweeping Surveillance Bill

For half a century, Germany’s privacy laws were treated like sacred scripture. Politicians swore by them, courts fortified them, and bureaucrats turned them into a national export. Other countries rolled out surveillance programs; Germany rolled out lectures about why that was a terrible idea. It was all rooted in the same ugly history lesson: if you give the state a big enough file on you, sooner or later you’ll end up in it.

That memory ran deep. The Nazi regime used personal records like ammunition, and the East German Stasi built a domestic surveillance industry so bloated it could have applied for EU funding.

Postwar Germany responded by making privacy a central pillar of its democratic identity. The Federal Constitutional Court even invented a “right to informational self‑determination,” which sounded academic but translated roughly to: “The government doesn’t get to rummage through your life just because it’s bored.”

Privacy commissioners became feared watchdogs who could slap down ministries and corporations alike. Every time politicians tried to sneak through a new security law, they’d be met with lawsuits, public outrage, and years of procedural trench warfare. It was tedious, but that was the point; democracy is supposed to make snooping inconvenient.

Now comes the Interior Ministry’s summer special: a bill that would let authorities hack devices without suspicion, track every airline passenger automatically, and scrap independent oversight.

We obtained a copy of the bill for you here.

Keep reading

DIGITAL ID: The Shocking Plan to Kill Free Speech Forever

The U.S. is on the verge of launching a dystopian online surveillance machine—and disturbingly, Republicans are helping make it law.

The SCREEN Act and KOSA claim to protect kids, but they’re Trojan horses. If passed, every American adult would be forced to verify their ID to access the internet—just like in Australia, where “age checks” morphed into speech policing. In the UK, digital ID is already required for jobs, housing, and healthcare.

This is how they silence dissent: by tying your identity to everything you read, say, or buy online.

The trap is nearly shut. Once it locks in, online freedom vanishes forever.

Will Americans wake up before it’s too late? Watch Maria Zeee expose the full blueprint—and how little time we have left.

Keep reading